I will be hosting a webinar titled “PowerShell in the Land of DevOps” on Monday, June 29, 2020, 10:00 AM – 11:30 AM CEST. We will explore features of PowerShell that can be used to automate the deployment of server applications, validate the infrastructure configuration against a well-defined baseline, and orchestrate software tests with GitHub or Azure DevOps. If you are interested, you can register for this event through GoToWebinar.
Tags: DevOps, GitHub, Microsoft Azure, PowerShell
Introduction Last month, Microsoft has introduced a new feature of Azure AD Connect called Single Sign On. It allows companies to configure SSO between AD and AAD without the need to deploy ADFS, which makes it an ideal solution for SMEs. Here is a high-level diagram of this functionality: As we can see from the diagram above, Azure AD exposes a publicly available endpoint that accepts Kerberos tickets and translates them • Read More »
Tags: Active Directory, Microsoft Azure, Mimikatz, Office 365, Security
Many people have asked me about the security implications of synchronizing passwords from Active Directory to Azure Active Directory using the Azure AD Connect tool. Although there is an article on Technet that claims that the passwords are synced in a very secure hashed form that cannot be misused for authentication against the on-premise Active Directory, it lacks any detail about the exact information being sent to Microsoft’s servers. A post at • Read More »
Tags: Active Directory, Microsoft Azure, Office 365, PowerShell, Security
Here is the list of cmdlets currently contained in the DSInternals PowerShell module: Online operations with the Active Directory database Get-ADReplAccount – Reads one or more accounts through the DRSR protocol, including secret attributes. Set-SamAccountPasswordHash – Sets NT and LM hashes of an account through the SAMR protocol. Get-ADReplBackupKey – Reads the DPAPI backup keys through the DRSR protocol. Offline operations with the Active Directory database Get-ADDBAccount – • Read More »
Tags: Active Directory, DPAPI, Microsoft Azure, Office 365, PowerShell, Security
I have released a new version of the DSInternals PowerShell module. This is mainly a bugfix release. You can grab it from the Downloads section. Or, if you have PowerShell 5, you can install the module from the PowerShell Gallery by running this command:
|
1 |
Install-Module -Name DSInternals |
Tags: Active Directory, Microsoft Azure, PowerShell, Security
I have decided to publish the DSInternals PowerShell Module, which contains a few cmdlets I use during my lectures about Active Directory security. You can find it in the Downloads section. It currently lacks any documentation, so Get-Help won’t give you nice results, but I am working on that. Examples
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 |
Import-Module DSInternals $pwd = ConvertTo-SecureString 'Pa$$W0rd' -AsPlainText -Force # Calculate the NT and LM hashes ConvertTo-NTHash $pwd # Output: 92937945b518814341de3f726500d4ff ConvertTo-LMHash $pwd # Output: 727e3576618fa1754a3b108f3fa6cb6d # Set AD account password hash using the SAMR protocol Set-SamAccountPasswordHash -SamAccountName john -Domain ADATUM -NTHash '92937945b518814341de3f726500d4ff' -Server dc1.adatum.com # Calculate the OrgId hash, that is sent to Azure Active Directory by DirSync ConvertTo-OrgIdHash -NTHash '92937945b518814341de3f726500d4ff' # Output: v1;PPH1_MD4,f76bc776428002f87f4b,100,0ab46c4a6351db87cc13323bb01eea073c90a52e376fffca559e57fbb19a441a; # Decrypt a password from Group Policy Preferences ConvertFrom-GPPrefPassword 'v9NWtCCOKEUHkZBxakMd6HLzo4+DzuizXP83EaImqF8' # Output: Pa$$w0rd # Decrypt a password from an unattend.xml file ConvertFrom-UnattendXmlPassword 'UABhACQAJAB3ADAAcgBkAEEAZABtAGkAbgBpAHMAdAByAGEAdABvAHIAUABhAHMAcwB3AG8AcgBkAA==' # Output: Pa$$w0rd |
Error reporting If you find an error in the DSInternals Powershell Module, I would be glad if you sent me an e-mail. Planned • Read More »