Month: December 2020

Active Directory and Exchange Configuration Discovery using PowerShell

Over the years I have assessed and analyzed many environments. Along the way I have run across many methods and tools for getting a configuration 'snapshot' while performing a discovery of a Microsoft environment. They all make calls to the Microsoft ‘management layer’ using different methods, like installing agents or direct access via WMI or code. They pull configuration data and provide some pretty cool canned reports around the data they gather. These tools can be expensive for 'integrators' as most of these products use ‘site’ licensing, forcing many of us to find other ways to quickly take a snapshot ...

Prevent domain users from querying Elevated Groups

One of our customers that had recently suffered a brutal cyber attack tasked us with a method to protect elevated groups from being queried for membership by their domain users. I said, “That’s very specific.” My customer just looked at me and began to describe their situation. In a nutshell, the attacker had delivered a payload to one of their users via email. With this payload, the attacker was able to execute commands and install software on the infected computer. As a “Domain User” the attacker was able to query the “Domain Admins” group for its members. This information was ...

Azure AD Connect – write ms-DS-Consistency-Guid using Synchronization Rules Editor

One of my customers came to me the other day with a problem on an Azure AD Connect server that was not syncing any newly created objects. When I asked them about the last time they updated AD Connect, I was not surprised to hear that they hadn’t added it to their update schedule (I’ll take some blame for this. They are my customer, after all.). The next question I asked was “What source anchor are you using?” Eventually they came back to me with the ‘ms-DS-Consistency-Guid’. “That’s interesting,” I said. “Can you check and see if your new users ...

Datarift LLC 2020 Cloud Solutions
Phoenix, Arizona