February 19, 2024 | Jonathan Blackwell

How to Add a Distribution Group to a Security Group

Distribution groups — more commonly known as distribution lists — are a powerful tool for managing communications. Users do not have to painstakingly compile a set of recipients for each email; they can simply select the appropriate distribution list. This approach doesn’t just save time; it...
February 9, 2024 | Craig Riddell

A Comprehensive Guide to Active Directory Monitoring Tools

Effective Active Directory (AD) monitoring is a cornerstone for security and compliance. It empowers administrators to spot suspicious activity, including improper changes to AD objects like user accounts and Group Policy objects (GPOs), in time to avoid data breaches or minimize their...
January 23, 2024 | Jonathan Blackwell

Office 365 Ransomware Protection

Most organizations today rely on Entra ID (formerly Azure AD) and Microsoft 365 (formerly Office 365) for core business operations. But how secure are these vital platforms against ransomware? This article explores the key concerns in Entra ID and Microsoft 365 and details the key...
January 23, 2024 | Jonathan Blackwell

What Is Deprovisioning?

Each user in an IT ecosystem — including both employees and third parties like consultants, trainers, auditors and contractors — needs to be provisioned access to the data and systems they need to do their job. In most cases, these IT resources involve sensitive information and applications...
December 15, 2023 | Jonathan Blackwell

How to Transfer FSMO Roles

Introduction. What are FSMO Roles? There are 5 Flexible Single Master Operations (FSMO) roles: 2 forest-wide roles (Domain Naming Master and Schema Master) and 3 domain-wide roles (PDC Emulator, RID Master and Infrastructure Master). Why Should FSMO Roles Be Transferred? All 5...
December 8, 2023 | Jonathan Blackwell

How to Seize FSMO Roles

Introduction. Shifting a Flexible Single Master Operations (FSMO) role from one domain controller (DC) to another is normally done through a role transfer operation. But if the DC that holds an FSMO role experiences a serious failure that takes it out of service, you must instead seize its FSMO...
June 16, 2023 | Jeff Warren

How Adversaries Achieve Persistence using AdminSDHolder and SDProp

Once an adversary has compromised privileged credentials, for example, by exploiting an attack path, they want to make sure they don’t lose their foothold in the domain. That is, even if the accounts they have compromised are disabled or have their passwords reset, they want to be able to...
May 13, 2023 | Jeff Warren

Lateral Movement to the Cloud with Pass-the-PRT

Attackers use a variety of tactics to spread laterally across on-premises Windows machines, including Pass-the-Ticket, Pass-the-Hash, Overpass-the-Hash and Golden Ticket attacks. But similar techniques are also effective in moving laterally from a compromised workstation to...
May 5, 2023 | Joe Dibley

How to Clean Up Your Active Directory

Despite the popularity of the cloud, Microsoft Active Directory (AD) remains a crucial component of the IT infrastructure for many organizations. Indeed, Active Directory often serves as the central identity repository and provides vital authentication and authorization services — so keeping it...
April 28, 2023 | Joe Dibley

Top Strategies to Harden Your Active Directory Infrastructure

Microsoft Active Directory (AD) is the central credential store for 90% of organizations worldwide. As the gatekeeper to business applications and data, it’s not just everywhere, it’s everything! Managing AD is a never-ending task, and securing it is even harder. At Netwrix, we talk to a...