Domain Controller STS time guessing OFF
Domain Controllers may use the time field in SSL connections to guess at the time when other time sources are unavailable. OpenSSL puts random values in this field. Steve Gibson
Domain Controllers may use the time field in SSL connections to guess at the time when other time sources are unavailable. OpenSSL puts random values in this field. Steve Gibson
some explan goes here open your fav MMC console OR start, run, mmc.exe (enter) File, Add / Remove Snap InIn the left pane choose Computer ManagementIn the Select a Computer
Continue readingHowTo Verify your Domain isn’t using LM or NTLMv1
nice powershell script here https://blog.netwrix.com/2021/11/30/what-is-kerberos-delegation-an-overview-of-kerberos-delegation/
By default Windows uses a Rotating log file which means that when the log file gets full, the oldest entries automatically get over written. the default log size is 128mb
Group Policy is great for enforcing settings on a domain or group of users. You can also add extensions to support M$ Office, Chrome etc extensions come as a set
To reduce your attack surface it makes sense to disable unused accounts. Here are some methods to figure out if an accout is unused. For a small number of users,