OK, I know you used to be able to do this on a domain prior to a patch to 2003. Yet I can't for the life of me seem to find a recommended/supported means of doing this now. At least not in a 2008R2 or ...

Are there any gotchas to watch out for when removing the domain group "Domain Administrators" from the vCenter local admin group? As a result of that being there, anyone who is a domain admin is also ...

Creating a group in the domain containing the domain accounts that are allowed to administer machines, and adding that domain group name to the local administrators group on each machine, let you ...

Hackers can use tools like BloodHound to visualize the shortest path to owning your domain. But that doesn't mean you can't use it to find and protect your organization's weak spots. Here's how.

In my Tech Insight article in November, I discussed the issue of managing privileged accounts within an enterprise. One area I didn't really touch on was how to protect the local administrator ...

A look at penetration testing without vulnerabilities, using LLMNR and NBT-NS spoofing to gain a foothold in the environment and elevating to domain administrator. In this post we will look at a ...

Lost in the noise over the release of the beta 3 build of Windows Server 2008 was this gem: the read-only domain controller, or RODC. Created especially for branch offices or other environments where ...

Researchers have released exploits for the Windows Zerologon CVE-2020-1472 vulnerability that allow an attacker to take control of a Windows domain. Install patches now! As part of the August 2020 ...