OpenSSH logo

Retrieve SSH public key from Active Directory for SSH authentication

If you want to be able to log on to your Windows Servers through Win32 OpenSSH, you can make use of SSH public key authentication through a ~/.ssh/authorized_keys file. But if you have tens (hundreds) of servers and/or users, perhaps it’s easier to retrieve SSH public keys from Active Directory (AD). In this article I’ll explain how.

Read more

Windows privilege escalation guide

Ryan McFarland writes on his blog: “Privilege escalation always comes down to proper enumeration. But to accomplish proper enumeration you need to know what to check and look for. This takes familiarity with systems that normally comes along with experience. At first privilege escalation can seem like a daunting task, but after a while you start to filter through what is normal and what isn’t. It eventually becomes easier to know what to look for rather than digging through everything hoping to find that needle in the haystack. Hopefully this guide will provide a good foundation to build upon and get you started.”

Read more

List all SPNs used in your Active Directory

There are a lot of hints & tips out there for troubleshooting SPNs, or Service Principal Names. Listing duplicate SPNs is fairly easy, just use setspn -X on your command-line and you’ll find out. But how do you find out which SPNs are used for which users and computers are used for this?

Read more

“A domain rename operation is already in progress”

When promoting a Windows Server 2012 R2 to a Domain Controller failed…

The other day, when I attempted to add a newly installed Active Directory to become the slave domain controller of a master, the error message “A domain rename operation is already in progress” was displayed. Promoting the Windows Server 2012 R2 server to a Domain Controller failed.

Read more

Loading time: 85 queries, 0.165 seconds using 12830208 bytes memory. Peak memory usage: 13150824 bytes.