Microsoft Active Directory Trusts Explained

Microsoft Active Directory uses the concept of “domains”: a domain is the outer edge of a security compartment; within a domain, user accounts, computer accounts and resources are authenticated and share a common authentication source. There is also the concept of a “forest”: a forest is a collection of domains; in the most basic configuration …

Check (Not Directly Accessible) SSL Certificate Expiry on Microsoft Windows Server

NagiosXI and other monitoring tools have ways to determine if your SSL certificates on, say, a web server are nearing expiry, but what if you have software that uses a certificate that is not directly pollable over the standard HTTPS checks? The script, which can be found here, is a passive check, so …

Kemp Load Master – SAML via OKTA with KCD to Microsoft Exchange OWA (Outlook Web Access)

The Kemp Load Master allows authentication to be offloaded to itself (from the Microsoft Exchange server supporting Kerberos), so that the Kemp Load Master acts as an SP (Service Provider) against an IdP (Identity Provider), for example OKTA. The use of SAML via OKTA allows for any SAML (and Kerberos KCD …

Active Directory Certificate Services (ADCS) PKI Domain Admin Vulnerability

Microsoft have published a vulnerability (https://msrc.microsoft.com/update-guide/vulnerability/ADV210003) which allows an attacker to use NTLM authentication to begin an attack chain, making an unauthenticated NTLM connection that is then relayed to allow a connection to Active Directory Certificate Services (ADCS). Assuming auto-enrollment is enabled, this means that an attacker can make a request …

Dell OpenManage DNS Records for Server Initiated Discovery (with Microsoft DNS)

OpenManage Enterprise version 3.4 allows automatic discovery of servers that have iDRAC firmware version 4.00.00.00 or later. The appliance can be configured to allow these servers to automatically locate the console by querying the DNS and initiate their discovery. The instructions (and this) give the use of the TUI or manual creation for Dell OpenManage …

Leaky Print Spooler Vulnerability (CVE-2021-1675)

So it appears that there is a vulnerability identified in Microsoft Windows machines running Active Directory; this is covered on The Register: https://www.theregister.com/2021/06/30/windows_print_spool_vuln_rce/ Until you patch this, you can just disable the “Print Spooler” service on your Domain Controllers and, well, to be honest, you don’t need this running on the Domain Controller anyway. Edit: …

Exchange 2010 – Can’t Delete Mailbox Database

While doing some housekeeping on an Exchange 2010 server, I needed to delete a mailbox database but couldn’t, getting the error shown below: PROBLEM: The mailbox database ‘Mailbox Database 2 G-L’ cannot be deleted. Mailbox Database 2 G-L Failed Error:This mailbox database contains one or more mailboxes, mailbox plans, archive mailboxes, or arbitration mailboxes. To …

Exchange 2010 Restoration fails with: ROP Error: 0x80070057 Error: MapiExceptionInvalidParameter: Unable to modify table.

A colleague had a problem when attempting to restore a mailbox; this error was generated: Error: MapiExceptionInvalidParameter: Unable to modify table. (hr=0x80070057, ec=-2147024809) Diagnostic context: Lid: 55847 EMSMDBPOOL.EcPoolSessionDoRpc called [length=228] Lid: 43559 EMSMDBPOOL.EcPoolSessionDoRpc returned [ec=0x0][length=348][latency=15] Lid: 23226 — ROP Parse Start — Lid: 27962 ROP: ropModifyRules [65] Lid: 17082 ROP Error: 0x80070057 Lid: 27745 Lid: …