Once upon a case...
Use this free tool to kill lateral movement! And no, this is not about LAPS!
I, too, can do click-bait title BS! Alright, this has been in my draft folder for almost two years....
Date: 04/01/2018
All you need to know about Keytab files
Whether you are currently using them or planning to issue one, here is (I hope) all you need to know...
Date: 01/03/2018
Extract pictures from a Steps Recorder file
For those who don't know, there is a pretty cool feature built-in in Windows since Windows...
Date: 11/03/2017
Why did I rename my Administrator account?
The question of whether you should rename the built-in administrator account in Active Directory...
Date: 10/17/2017
Credential theft made easy with Kerberos delegation
Yes it takes just 2 lines of PowerShell to impersonate whoever you want... A small preamble: things...
Date: 06/30/2017
Do I really need ADFS?
Update 2018-01-06: Lots of new things came up so I updated this article. Update 2018-04-10: Few...
Date: 02/06/2017
ADFS 2016 - Change the Active Directory claim provider display name in the Home Realm Discovery page
In Windows Server 2012 R2 ADFS (well, what everybody calls ADFS 3), the display name of the ADFS farm...
Date: 12/02/2016
List all possible security events and their descriptions in PowerShell
If you'd like to know all the possible security events in your system, the best way to do it is to...
Date: 11/05/2016
ADFS 2016 - Cannot add/update Relying Parties from the GUI from metadata files "Method not found"
UPDATE: The following update is fixing this issue: Cumulative Update for Windows 10 Version 1607 and...
Date: 10/23/2016
Metadata #3 - Spot who is cheating on the password policy
Yes, there are some ways to work around the password policy... Mainly for operators and administrators...
Date: 10/20/2016
The source of my account lockout is my domain controller
When it comes to tracking down account lockouts, there are plenty of tools and techniques. Looking at...
Date: 10/02/2016
AD Fun Services - List all the members of an ADFS farm
In Windows Server 2012 R2, the ADFS database actually does not keep track of the servers member of...
Date: 09/13/2016
Q&D - Backup/Restore your ADFS claim rules for Office 365
When it comes to trying and failing fast, nothing is better than being able to restore things the way it used...
Date: 08/23/2016
Script to update the Service-Communications SSL certificate
Changing the Service-Communications certificate for the Windows Server 2012 R2 ADFS servers and...
Date: 11/25/2015
Customize the Home Realm Discovery page to ask for UPN right away
DISCLAIMER: This post is a POC written for ADFS on Windows Server 2012 R2 When you have more than...
Date: 10/18/2015
ADFS extranet lockout and PDC requirement
IMPORTANT: This article applies to Windows Server 2012 R2 ADFS (aka ADFS 3). In Windows Server 2016...
Date: 10/11/2015
ADFS refuses to start, error 1297
Here is the scenario, your ADFS farm is happy, up and running. Because of update management...
Date: 09/04/2015
How to export an ADFS custom webtheme and import it to another server
As it is recommended on the following TechNet article: Advanced Customization of AD FS Sign-in Pages...
Date: 09/04/2015
Accept SAM-account name as a login format on the ADFS form-based password update page
If you want your users to use only their sAMAccountName to login to the ADFS form-based sign-in...
Date: 09/02/2015
Customizing the IDP images in the Home Realm Discovery page
One of the great benefits of the latest version of ADFS is that you do not need to know HTML or...
Date: 02/15/2015
Secure LDAP does not work using the FQDN of the domain for GCs?
I have been running into this issue a couple of times. You have a forest with multiple domains and...
Date: 11/16/2014
Raising the functional level to Windows 2012 or Windows 2012 R2... Will I break anything?
2/26/2016 Update, cf the I disagree with the PowerShell output section. In short, yes... Meaning...
Date: 10/29/2014
Raising the functional level - Are you getting cold feet because of KB2260240?
Raising the functional level of your domain is a pretty straightforward operation. It is a...
Date: 09/07/2014
fixfsmo.vbs in PowerShell
I wrote the equivalent of fixfsmo.vbs in PowerShell: Fix-InvalidFsmo.ps1. For those who don't...
Date: 08/26/2014
Metadata #1 - When did the delegation change? How to track security descriptor modifications
This post is a part of the Metadata series. Have a look at the intro to have more information about...
Date: 08/25/2014
Metadata #0 - Metadata, what is it and why do we care?
You are on site, audit wasn't properly configured and yet you need to understand what has changed....
Date: 08/25/2014
How to detect applications using "hardcoded" DC name or IP?
You look at Windows Server 2012 R2 and you tell yourself: "that would be nice if I could leverage...
Date: 07/13/2014
Track down LDAPs clients on a domain controller
You probably wonder why that could be a big deal. Usually clients not doing LDAPs are the ones we...
Date: 03/09/2014