If you use Multi Factor Authentication in an Office 365 environment then you will need to use App Passwords for some applications that don’t support Multi Factor Authentication like Outlook, or other email clients on mobile devices.
If you’ve forgotton your App Password or need to delete or create a new one, here is where to find them and how to create a new one.
Accurate time in a domain environment is essential for authentication between clients and servers to work correctly. Kerberos v5 protocol requires a tolerance of less than 5 minutes, anything more than this and you will get authentication errors.
I’ve recently been investigating a a server who’s time leaped 28 days into the future! So wanted to start auditing the Windows Time service to see what made the change.
So in this blog post I’ll show you how to enable Windows Time service auditing.
Note: Fireware v12.1 is now available, see here for details.
Update – 10/11/17 A new build of 12.0.1 (build 546110) has been released for M200 and M300 devices. If you haven’t updated already, maybe wait a week to make sure this build is ok before upgrading. Having a remote Firecluster die on you isn’t fun, as happened with our upgrade to the original 12.0.1 Fireware!
Update – 07/11/17 don’t install 12.0.1 on a M200 or M300 Firecluster yet. The download has been temporarily pulled from the WatchGuard website for these products only.
WatchGuard Fireware v12.0.1 was released on 31 October 2017. This replaces the previous version of 12.0.0.
Full release notes can be found here. Please read them before upgrading! Your Firebox must be running, XTM v11.7.5, v11.8.4 or v11.9 or higher before upgrading. Continue reading →
For the next couple of posts I’ll be looking into AD security and auditing. In this article we’ll look at how to use Get-ADUser to list all recently created accounts.
With the increasing number of cyber attacks, security is at the top of most IT departments agenda. There are many checks you can perform to make sure AD is safe and secure, and that only valid or approved modifications have been made to user accounts. I’ll look at AD auditing in a future post, but this will be a handy snippet of PowerShell to help you identify recently created AD accounts, and a bonus bit of code to identify recently modified accounts!