Home – Blog

 

Pixel Perfection

This is Salient, take a look around & don't be shy

 

This is Salient

Stop blending in & start leaving your mark on the web

 

Experience

What real creative freedom feels like in a theme

 

Pixel Perfection

Salient was built with a high attention to details both in design & code

1
1

Avoid enabling Kerberos Pre-Authentication in AD

Kerberos Pre-Authentication The Key Distribution Center (KDC) is available as part of the domain controller and performs two key functions which are: Authentication Service (AS) and Ticket-Granting Service (TGS) By default the KDC requires all accounts to use pre-authentication. This is a security feature which offers protection against password-guessing attacks. The AS request identifies the client to…
Read more

 16,063 total views,  13 views today

Read More

LLMNR and NBT-NS Attack

LLMNR (Link-Local Multicast Name Resolution) is a protocol that is based upon the Domain Name System (DNS). It is often used by network-connected systems to identify hosts on the local-subnet when DNS fails, is not present or where peer-to-peer name-resolutions services are required. NBT-NS (NetBIOS Name Service) is a protocol to LLMNR and operates similarly…
Read more

 5,266 total views,  3 views today

Read More

How to Modify Preferred DNS Settings via PowerShell

How to Update/Modify Preferred DNS Settings via Powershell To get the Existing DNS Settings run the below command, Get-DnsClientServerAddress Need to get Interface Index for which you need to modify and New DNS information To modify the DNS Settings, use the below command, Set-DnsClientServerAddress -InterfaceIndex 12 -ServerAddresses (“10.0.0.10″,”10.0.0.11”) Now you can check Preferred DNS Settings…
Read more

 3,100 total views,  3 views today

Read More

How Change AD FS Service Communication Certificate

To change the Service Communication Certificate in AD FS, Kindly follow below setups Copy and Install the certificate on the AD FS servers. Once copied to the AD FS servers you can import the certificates: certutil -f -p “password” -importpfx C:\ADFS\certificate.pfx Get the Thumbprint of your New Certificate dir Cert:\LocalMachine\My\ If you have done that…
Read more

 2,782 total views,  3 views today

Read More

Group Managed Service Account (gMSA)

Active Directory managed service account that can be used to securely run services, applications, and scheduled tasks. Managed Service Accounts (MSA) to automatically manage (change) passwords of service accounts. Using MSA, you can considerably reduce the risk of system accounts running system services being compromised. MSA has one major problem which is the usage of…
Read more

 2,672 total views,  3 views today

Read More

How to Install & Configure AD FS 2019

Active Directory Federation Services (AD FS) also popularly known as SAML/Federation Services/SSO. It provides Web single-sign-on (SSO) to authenticate a user to multiple Web applications while utilizing a single account. AD FS Pre-requisite, Windows Server 2019 SSL Certificate Federation Services DNS name Service Account or Group Managed Service Account (gMSA) Domain Admin Permissions   Installing…
Read more

 4,180 total views,  3 views today

Read More

Domain Join failed

  Delegated security group us unable to join the systems to the domain, where IT Admin getting the error as “Access Denied”   Start your investigation from client machine  NetSetup.log which helps you to track further towards resolution. 06/06/2021 10:25:23:033 NetpModifyComputerObjectInDs: Attribute values to set: 06/06/2021 10:25:23:033   DnsHostName  =  Client-PC.cloudapex.com 06/06/2021 10:25:23:033   ServicePrincipalName  =  HOST/Client-PC.cloudapex.com…
Read more

 2,540 total views,  3 views today

Read More

How to Extend Expired AD User Password

Active directory account passwords expire set (for example, every 45 days) in most of the organisations. Configuring an AD account with Password Never Expires is not recommended due to security. I came across the scenario to extend an active directory account’s current password expiration date without changing the password expiration policy.   Extend Expired AD…
Read more

 2,895 total views,  2 views today

Read More

AD User Password Expires Alert using PowerShell

I have created a script which helps to checking the password expire status of users in Active Directory. Here few login which we used in the script. Import-Module ActiveDirectory $PasswordAge = (Get-ADDefaultDomainPasswordPolicy).MaxPasswordAge $ExpiryDate=$_.PasswordLastSet + $PasswordAge $DaysLeft=($ExpiryDate-$today).days Please contact us for above requirement.  2,353 total views,  2 views today

 2,353 total views,  2 views today

Read More

Get AD User Created Last 7 Days

Below PowerShell scripts helps you get AD Users which is created last 7 days (N). $Date = (Get-Date).AddDays(-7).Date Get-ADUser -Filter { WhenCreated -ge $Date } ` -Properties WhenCreated,EmailAddress,Country | Select-Object WhenCreated,SamAccountName,GivenName,EmailAddress, Country | Export-Csv C:\CloudApex\Audit-Report.csv -NoTypeInformation   Note: Always recommend to test before using production infrastructure. try your own risk  2,287 total views,  2 views today

 2,287 total views,  2 views today

Read More

Get Folder Size using PowerShell

Below PowerShell script helps you to get Folder size in GB’s $excludes = @(“Program Files”,”Windows”,”Program Files (x86)”) $startFolder = “C:\” $colItems = Get-ChildItem $startFolder -Force  -erroraction SilentlyContinue | Where {($_.PSIsContainer) -and ($excludes -notcontains $_.Name)} | Sort-Object $b=0 foreach ($i in $colItems) { $subFolderItems = Get-ChildItem $i.FullName -recurse -force -erroraction SilentlyContinue| Where-Object {$_.PSIsContainer -eq $false}  |…
Read more

 2,275 total views,  3 views today

Read More

Group Policy Overview

Group Policy that allows you to specify manage configurations for Users and Computers through Group Policy settings and Group Policy Preferences. There are 2 parts to a GPO One part is an object in AD (Called the Group Policy Container, or GPC) Another part is a set of files/folder within SYSVOL, on each DC (Called…
Read more

 2,227 total views,  2 views today

Read More

Active Directory Replication Overview

Active Directory Replication helps to transferring and updating Active Directory objects from one DC to another DC. To understand AD Replication, we are going to discuss the Connection Object, KCC, Subnet, Sites, Site-link, Site-link bridge, Global Catalog & Universal Group membership. Connection Object is an Active Directory object that represents a replication connection from a…
Read more

 2,273 total views,  2 views today

Read More

Event ID 5807 : Connections to this Domain Controller from client machines whose IP addresses don’t map to any of existing sites

Summary When client subnets are missing from active directory Sites and Services that results client to choose a incorrect domain controllers to communicate effectively with Directory Services. During DC localization process, Computer IP address matches against the subnets created in AD which helps to identify the subnet where client belongs to. If the DC cannot…
Read more

 2,466 total views,  2 views today

Read More

Ready To Stand Out?

Buy Salient Now  Reach Out To Us

 827 total views,  1 views today

Leave a Reply

Your email address will not be published. Required fields are marked *