Can 'Unauthenticated' tag on NIC result to a broken secure channel?

Couple of days ago I noticed a strange behavior on network adapter of dozens of clients in my environment. The users were not able to authenticate to their workstations, throwing secure channel error. When one of the helpdesk administrators informed me about this issue, I thought it might be a typical problem of operating system including incorrect DNS configuration or duplicate names, but this was strange because basically everything related to secure channel were in place. Computer accounts were enabled in ADUC, DNS records existed, logintimestamps were updated and etc. So I tried digging in the problem to see what I can find.

The auditor of auditors: 'LepideAuditor Suite'

Today, in modern days of technology, the concept of auditing has become one of the interesting facts in Information Technology (IT). Back in days, when I was probably playing with my SNES, the concept of auditing was so hard to follow with built-in applications and consoles, but today, you can find many applications which either covers a specific part of auditing or support a huge number of services and applications. Among them, it is rare to find a solution which covers a whole range of services and audits, but ‘LepideAuditor Suite’ is one of those rare. In this article we will talk about this application.

Fix Group Policy error 1058

Greetings again,
 
Sorry for not being here for a long period of time. Recently I faced a strange issue which made me to pen down an article about it. So I will share this experience in case you may encounter it in near future.
While updating group policy clients my client was receiving an error indicating that the group policy folder in SYSVOL is not accessible. At first I thought that it might be related to some problems in DFS share and NETLOGON but it seemed everything was working perfectly because there was no error in DFS event log of the domain controllers.

Create Shadow Groups (Dynamic Groups) in Active Directory

Recently I faced a request from a client wanting a Dynamic Security Group in Active Directory which automatically update its members.. However we do have the concept of dynamic objects in Active Directory (I promise to speak on that on another article), but this one was completely different. The client wanted to have a security group which automatically removes the disabled users from it. So I started a lovely conversation with my lovely friend PowerShell.

Am I locked out? Where? How?

Account lockout feature is one of the powerful methods in order to prevent password related attacks. Using this method victim user account will be locked out after a number of failed attempts in a specific period of time. This feature has found its way to a lot of other technologies these days. My cellphone will be locked out after three wrong passwords and will not be able to work for about 2 minutes.
Although this policy can help you to prevent attackers from guessing user’s password, it is important to consider the risk provided by this solution in your environment because authorized users can lock themselves by mistyping their passwords when they do not remember the password. This problem can be quite costly for your organization, because locked out accounts will be unable to logon unless their accounts unlocks automatically after specific period of time or get unlocked by an administrator

Manipulate delegation wizard in Active Directory

Ever wanted to add your custom attribute to Delegation Wizard feature of Active Directory? Then you came to the right place. Sometime it can happen that default attributes of ‘Delegation Wizard’ are not just enough for you and you would like to add more options to it. In order to do that, you have to edit delegwiz.inf file which you can simply find it on a Domain Controller.