Active Directory Backup & Recovery
Categories
- Active Directory Backup & Recovery (65)
- Active Directory Security (229)
- AD Security 101 (17)
- Community Tools (24)
- Directory Modernization (9)
- From the Front Lines (69)
- Hybrid Identity Protection (74)
- Identity Attack Catalog (32)
- Identity Threat Detection & Response (158)
- Our Mission: Be a Force for Good (14)
- Purple Knight (5)
- Semperis University (5)
- The CISO's Perspective (16)
- Threat Research (76)
- Uncategorized (2)
Active Directory Corruption Comes In Two Flavors
- Sean Deuby | Principal Technologist, Americas
Active Directory is a very robust application, as it should be for such a fundamental building block of a company's IT infrastructure. But the architecture that makes it robust also makes it hard to understand. This lack of understanding often leads to assumptions in your recovery strategy that can leave…
Active Directory Replication Status Tool (ADREPLSTATUS) Rises Again
- Sean Deuby | Principal Technologist, Americas
Back in 2012, I wrote about a nifty tool known as the Active Directory Replication Status Monitor (inevitably shortened to ADREPLSTATUS for efficiency's sake) and how it was the first Microsoft tool produced in years to make monitoring Active Directory easier. Then recently Microsoft sort of took it away. Then,…
8 Situations That Put Your Active Directory At Risk
- Sean Deuby | Principal Technologist, Americas
Active Directory Domain Services (AD DS) has grown to be a marvelously reliable, highly scalable, and fault tolerant core component of your company’s IT infrastructure. It generally works quite well without requiring a lot of attention. But the AD DS admin must put in extra work to take the service…
Thinking The Unthinkable: Do You Have An Active Directory Forest Recovery Plan?
- Sean Deuby | Principal Technologist, Americas
If you want to make an Active Directory administrator uncomfortable, ask them about their recovery plan. When you ask this question, many AD admins will instead tell you about their object recovery plan. Some will describe their domain controller recovery procedures. But if you press further to ask if they've…
Vulnerability in Kerberos Allows Elevation of Privilege
- Sharon Vardi
Recently, Microsoft has released a security update (MS14-068) for Windows Server. The patched vulnerability is in the Windows Kerberos Key Distribution Center (KDC), which generates the session tickets to identities within Active Directory while accessing the Domain's resources. When clients request access to a resource, they contact the ticket-granting service…
Azure Active Directory vs. Active Directory Domain Services
I'll start by saying that today's Identity technologies can be very confusing. There are many Services (in the cloud era everything is a service), protocols, solutions, SDKs, technologies and products aiming to solve the Identity problem. I'll start by comparing the basic two which might be the most confusing as…
What are good and bad Active Directory snapshots
In this post I would like to explain a little bit more about Active Directory snapshots, and how you can or can't use them. 'First of all, let's make one thing very clear: VM Snapshots of Domain Controllers are not supported! Let me say that again if you have a…
What’s Active Directory Forest Recovery?
Now before we talk about Active Directory Forest Recovery, let's try to take a look at what are the different recovery scenarios, and when will I need each? (Note: if you're here just for the title scroll to the bottom of the post). The first and the easiest one is…
