Skip to content
Menu
IT-DRAFTS
  • About
  • My Statistics at Microsoft Q&A
  • Privacy policy
IT-DRAFTS

Tag: ActiveDirectory

August 6, 2025August 6, 2025

Reflection Relay: Never Happened Before, and Here We Go Again (CVE-2025-33073)

Hi, so today we will start from the end, yea… TL;DR: NTLM and Kerberos relays just got a spicy new variant. Microsoft “fixed” it back in 2008. And yet… it’s 2025, and attackers are relaying back to localhost like it’s a LAN party. Again. Let’s break it down. ☠️ Relay: The Classic That Won’t Die…

Read More
June 6, 2025June 6, 2025

Your Certificate Authority might betray u, like… for real :)))

aka: how to stop trusting blindly and lock down ur Microsoft ca before it ruins ur life What’s the big deal, why care about some “ca”? So CA is a topic a spicy one. like, most people don’t even think about certificate authority. it’s just “one of those servers in the corner” that got set…

Read More
May 19, 2025

Active Directory vs OpenLDAP vs FreeIPA

Authentication Protocols Active Directory Primary Protocol: Kerberos (v5) with NTLM fallback Authentication Flow: Client requests TGT from Domain Controller DC verifies credentials against database Client receives TGT and service tickets Encryption: AES-256 (default), supports RC4 for legacy Token Lifetime: Default 10 hours (configurable) Smart Card Support: Native through PKINIT OpenLDAP Primary Protocol: LDAP (v3) with SASL mechanisms **Authentication Methods: Simple…

Read More
July 9, 2024

How to prevent lateral movement to Entra ID when your Active Directory has fallen

Hey Hey, such a long read, but please take a time for review. At the moment, the biggest threat to an Entra ID tenant in the vast majority of environments comes from the connected Active Directory. Attackers are (currently) focusing heavily on on-prem environments, as these are generally much more difficult to protect and are…

Read More

Categories

ActiveDirectory AI AIInfrastructure Azure AzureAI azurepolicy azuresecurity cloudarchitecture cloudnetworking CloudSecurity Copilot ctrlaltdelblog Cybersecurity DataProtection DataSecurity DevOps devsecops Entra entraID GDPRcompliance Howto hybridcloud infosec Innovation Intune ITProblems licensing Microsoft Microsoft365 Microsoft AI MicrosoftAzure microsoftcloud Microsoft Product microsoftsecurity SecureAccess Security securitycopilot SoftwareUpdate sysadminlife TechNews updates Windows Windows10 Windows11 zeroTrust

Archives

  • October 2025
  • September 2025
  • August 2025
  • July 2025
  • June 2025
  • May 2025
  • February 2025
  • October 2024
  • September 2024
  • July 2024
  • June 2024
  • May 2024
  • April 2024
  • March 2024
No comments to show.

Recent Comments

Recent Posts

  • 🛡️ Secure Medallion Architecture on Azure Databricks Or How to Stop Treating Your Lakehouse Like a Flat Share
  • Monitoring Azure OpenAI Your Way — Without Tossing Out Your Observability Stack
  • How to Push Windows 11 25H2 Using Intune (Without Losing Your Sanity) + PowerShell Script
  • Goodbye SCOM Managed Instance: The End of an Era
  • Cybersecurity Tools: Expectation vs Reality
©2025 IT-DRAFTS | Powered by WordPress and Superb Themes!