How to perform an offline audit of your Active Directory NTLM hashes

It’s read-only Friday so I decided to perform a offline audit of our Active Directory passwords. I found this great tool: https://gitlab.com/chelmzy/five-minute-password-audit which in turn is a fork of this tool: https://github.com/DGG-IT/Match-ADHashes What I’m going to write here is mostly a repeat of these two Gitrepos with a few tweaks and corrections. To perform this … Read more

Script to sync Domain Controller SSL Certificates to a specific host

We have an application that uses LDAP over SSL to authenticate users via Active Directory. The server running the application is a member of the domain and has the domains Root CA installed in it’s local certificate store. Technically the Root CA should be good enough for the server and any applications on it to … Read more

DFS not working properly over VPN for personal computers

We recently switched to a new VPN server after Mac OS dropped support for PPTP and because we were way overdue to do it anyway. Since then personal computers were unable to access network shares via DFS. They could go directly to the file server and that would work. Users who connected to VPN with … Read more

Exchange users unable to share calendars post AD/Exchange migration

We just recently went through an AD forest migration AND an Exchange 2010 -> 2016 migration across forests at the same time. Good times. One of the many issues that came up after the migration was the majority of our users being unable to share their calender’s with other users. When trying to share via … Read more

Previous version of the Active Directory Replication Status Tool

Who liked using the¬†Active Directory Replication Status Tool? I did. Who thought it was a great, simple, straight forward tool that was far easier than¬†interpreting the output of some command line tools and didn’t feel it needed to become a cloud service with a less intitive interface? I do. Digging through a few of my … Read more