logo
July 21, 2025 | Tatiana Severina

dMSAs Are the New AD Privilege Escalation Target — Here’s What You Need to Know

Introduction Windows Server 2025 introduced delegated managed service accounts (dMSAs) to improve security by linking service authentication to device identities. But attackers have already found a way to twist this new feature into a dangerous privilege escalation technique. The...
May 7, 2025 | Joe Dibley

What Is SPN and What is It’s Role in Active Directory and Security

Service Principal Names (SPNs) are unique identifiers in Active Directory used to map service instances to service accounts for Kerberos authentication. This article explains SPN structure, registration, uniqueness requirements, tools (e.g., setspn), and security implications. It covers attacks...
March 27, 2025 | Tyler Reese

PowerShell Grep Command

The Unix/Linux grep command is a versatile text search utility used for log analysis, code scanning, and system diagnostics. It supports case-insensitive searches, recursive directory scans, inverted matches, line numbers, and advanced regex patterns like lookahead and lookbehind. On Windows,...
November 20, 2024 | Tyler Reese

Add Alias in Active Directory

Active Directory supports email aliases through the proxyAddresses attribute, which stores primary and secondary addresses. Aliases allow role-based addresses, simplify administration, and centralize communication in Exchange or Microsoft 365 without extra mailboxes. You can manage them via ADUC...
October 30, 2024 | Dirk Schrader

What are Active Directory Service Accounts?

Just like human users, computer programs also need access to resources on a network to function properly. There’s a difference in how these two groups—individuals and programs—access these resources, though. While humans utilize user accounts, computer programs use Active Directory...
August 9, 2024 | Ian Andersen

Secure Password Policies for Active Directory: A Comprehensive Guide

One of the most common ways for attackers to slip into a corporate network is by compromising the username and password of a legitimate user account. Usernames are typically trivial to guess because they follow an established standard in a given organization, such as...
July 8, 2024 | Kevin Joyce

How to Backup Active Directory: A Step-by-Step Guide

Microsoft Active Directory (AD) is the primary authentication service used by a majority of organizations worldwide (roughly 90 percent). It stores critical business information on domain controllers (DCs) like user accounts, their permissions, the number of computers in your organization’s...
February 19, 2024 | Kate Fleming

How to Add a Distribution Group to a Security Group

Adding a distribution group to a security group is not possible, but making a security group the owner of a distribution list ensures streamlined management. This approach allows group members to manage list attributes, simplifies ownership changes when roles shift, and reduces errors. Attributes...
February 9, 2024 | Craig Riddell

A Comprehensive Guide to Active Directory Monitoring Tools

Effective Active Directory (AD) monitoring is a cornerstone for security and compliance. It empowers administrators to spot suspicious activity, including improper changes to AD objects like user accounts and Group Policy objects (GPOs), in time to avoid data breaches or minimize their...
January 23, 2024 | Tyler Reese

Office 365 Ransomware Protection

Office 365 ransomware protection requires addressing risks in both Microsoft 365 and Entra ID, including phishing, file sharing, mismanaged permissions, and compromised accounts. Native defenses such as Microsoft Defender, Conditional Access, Purview DLP, and Secure Score help block and detect...
Show more articles
...