Guide: Implementing PAC Validation with Kerberos Armoring (FAST)

byWalid Hocine

Part 1: Enforcing PAC Validation via Kerberos Armoring (FAST) Kerberos Armoring (also known as FAST – Flexible Authentication Secure Tunneling) enhances the security of Kerberos authentication. It ensures that sensitive metadata like the Privilege…

About the QMR (quick machine recovery)

byWalid Hocine

Quick Machine Recovery (QMR) is an exciting new feature in Windows 11, designed to improve system reliability by automatically fixing critical boot issues. Here's a quick overview of its key features and operation: Key Features: Automatic Detect…

Reloading the Active Directory Schema Cache: Why and How to Do It

byWalid Hocine

When extending the Active Directory (AD) schema, for example, by adding new attributes or classes, it’s easy to overlook a critical detail: the schema cache doesn’t update instantly. This can cause frustrating errors, especially if your schema exten…

KCC in Active Directory

byWalid Hocine

In enterprise IT environments that rely on Active Directory, the Knowledge Consistency Checker (KCC) plays a vital background role in keeping things running smoothly. While many systems administrators may have heard of it, a closer examination revea…

Diamond Ticket Attack: The Silent Saboteur of Kerberos Trust

byWalid Hocine

In the Active Directory (AD) attack landscape, the Diamond Ticket attack emerges as a stealthy, advanced method of escalating privileges and bypassing standard security controls. Based on traditional Kerberos abuse techniques, this attack takes advant…

Disaster Recovery with Windows LAPS

byWalid Hocine

When Active Directory (AD) becomes unavailable due to corruption, attack, or accidental deletion, gaining access to domain-joined machines can become a critical challenge, especially in environments that rely on Windows LAPS to manage local admin cre…

Afficher plus de posts
Aucun résultat.