Category windows-server

Rolling Over Kerberos Decryption Key for AZUREADSSOACC

The AZUREADSSOACC computer account is created during the activation of seamless single sign-on (SSO) in Microsoft Entra Connect, facilitating automatic sign-ins for users on corporate networks. It requires secure management by Domain Administrators, with regular updates of the Kerberos decryption key recommended every 30 days to ensure security.

How to Implement Windows LAPS in Microsoft Entra ID and Microsoft Intune

The Windows Local Administrator Password Solution (LAPS) enhances security by automatically managing unique passwords for local administrator accounts, thereby reducing unauthorized access risk. It simplifies password management, ensures compliance with auditing, centralizes password storage, minimizes the attack surface, and is easy to implement, making it beneficial for organizations of all sizes.

Azure Bastion – Transfer Files via Native RDP

Azure Bastion enhances security for remote access to virtual machines (VMs) using RDP and SSH while preventing exposure through public IPs. To enable native RDP access, users must upgrade from Basic to Standard tier in Azure Bastion and use Azure CLI or PowerShell for configuration. The article details required steps and commands.

How to Reset the KRBTGT Account: A Step-by-Step Guide

The KRBTGT account is a crucial component of Active Directory, facilitating secure Kerberos authentication. This article explains its significance and provides guidance on resetting its password to prevent potential attacks. It outlines various modes for executing the reset, emphasizing the necessity of password replication across domain controllers for security.

Essential Repadmin Commands for Domain Controllers

The post discusses the use of the repadmin command for troubleshooting Active Directory replication issues among domain controllers in Windows systems. It outlines several common commands for immediate replication, checking replication status, summarizing replication health, managing queued replications, and isolating replication errors, emphasizing the command's utility for administrators.

How to setup a Windows Admin Center

Windows Admin Center is a web-based tool for managing Windows servers and computers without needing a VPN. It allows access to resources, configuration settings, and Remote Access (RDP) connections through a browser. Users can customize setups, manage both domain and non-domain computers, and register the gateway on Azure for broader management capabilities.