active-directory
Weird GPOs - Netlogon_AvoidPdcOnWan —
Weird Microsoft advice and how to abuse it for remote access sites
AD - Account Lockout vs Disabled —
Disabling an account in AD isn't instant, but a lockout is.
Jumpboxes are not a mitigation for credential theft —
Advice no one reads from Microsoft, but probably should have. Jumpservers are Fake News(TM)
M$ - AlwaysOn VPN first thoughts —
AlwaysOn, initial thoughts and ideas
Shitty sysadmins - Applocker —
Applocker - 'May provide protection without being able to provide a robust defence'
Shitty sysadmins - MS14-025 —
findstr /S /I cpassword shouldn't give you domain admin in 2019
Password Audit and Control Guidance - Active Directory —
Stopping users from having stupid passwords in AD