Tag: Advanced (Page 2 of 3)

How to: Configuring Windows Server Core with PowerShell

January 11, 2026 / Michael Waterman / 0 Comments

A couple of weeks ago, I came across a discussion on Reddit about Windows Server Core versus Windows Server with a GUI. Not the usual debate about usability or learning curves, but something more telling, a lot of people were genuinely struggling to set up a Server Core installation from scratch.

Yes, there’s the built-in sconfig utility. It works, and for a one-off setup it’s perfectly fine. But let’s be honest, if you’re running Server Core in a production environment, clicking through menus or manually configuring systems shouldn’t be part of the plan. Server Core practically begs for automation.

PKI – Part 6: Demystifying the CAPolicy.inf file

May 18, 2025 / Michael Waterman / 2 Comments

Ever heard of the capolicy.inf file? It’s like a digital instruction manual for a Certificate Authority (CA) server. It pre-configures the CA and has a say in how certificates are set up or renewed. In other words, it’s a behind-the-scenes helper that ensures everything is governed with digital certificates. In this blog post, I’ll break down what this file does and why it matters in plain and simple terms.

PKI – Part 5: Creating Unique Object Identifiers (OIDs)

May 10, 2025 / Michael Waterman / 2 Comments

Introduction: Why OIDs matter in PKI

When building or managing a Public Key Infrastructure (PKI), precision and uniqueness are not optional, they’re very essential. Don’t be one of many, be your unique self! One key element that reflects this is the Object Identifier (OID). OIDs are globally unique values used to identify everything from certificate policies and application purposes to custom certificate extensions and cryptographic algorithms.

Step-by-Step Guide to Windows Event Forwarding and NTLMv1 Monitoring

June 29, 2024 / Michael Waterman / 22 Comments

Did you know that Windows has had a built-in capability to function as a SIEM (Security Information and Event Management) system for years, provided you stay within the Windows ecosystem? This powerful feature, known as Windows Event Forwarding (WEF), allows you to centralize event logs from multiple Windows machines, giving you a comprehensive view of your network’s activities.

Mastering Active Directory Dynamic DNS maintenance

April 28, 2024 / Michael Waterman / 5 Comments

A long long time ago, in a galaxy far far……. wait, that’s a different universe! But today I do want to talk about something very ancient, R FC2136 that was released in April 1997. This specific RFC describes the process of “Dynamic Updates in the Domain Name System (DNS UPDATE)“.

Exploring Persistent Access in Active Directory: The AdminSDHolder Backdoor

January 29, 2024 / Michael Waterman / 0 Comments

Hey there, tech enthusiasts and Active Directory adventurers! Today, let’s talk about something really cool yet often overlooked in the world of Microsoft Active Directory: the AdminSDHolder. Now, you might be thinking, “What’s so special about this AdminSDHolder?” Well, let me tell you, it’s a game-changer in how security permissions are managed in your organization’s digital realm.

Secure Identity Integration: The Roadmap with Entra Connect

December 28, 2023 / Michael Waterman / 1 Comment

Have you ever wondered how to seamlessly connect your on-premises Active Directory with Entra ID? Well, you’re in the right place because today, I’m diving into Entra Connect, formerly known as Azure AD Connect. But hold on tight, because we’re not just talking about the basics; we’re here to make sure you install and configure it like a security pro!

Advanced QEMU/KVM Networking on Ubuntu

December 12, 2023 / Michael Waterman / 0 Comments

Transitioning between Operating Systems can be a challenge. Many aspects of what you’re used to work differently and you should expect a learning curve.

Well, that was a weird intro for a blog post that has Linux networking in the title! Actually I’m saying goodby to Windows as my primary system…. yes you read that correctly. It’s not that I don’t like the system anymore, it’s the direction Microsoft is taking with AI and the integration into the OS that made me take this decision.

Privileged Access Workstation Shenanigans

October 18, 2023 / Michael Waterman / 0 Comments

Do you know what really ticks me off? Stuff that doesn’t work as expected. Exactly that happened to me today while I revisited configuring a “Privileged Access Workstation” (PAW). Now a PAW is used to safeguard highly privileged credentials in a domain or cloud environment. In essence it’s a workstation used solely for admin work, all infrastructure management is done from this machine. While talking about configuring a PAW is beyond the scope of this blog post, I do need to point out that “Domain Admins” and equivalent groups should never ever have local admin rights on a PAW, they should be regular users, reducing the risk of credential theft and the obvious malware infection that usually follows.

PKI – Part 4: Understanding Cryptographic Providers

October 13, 2023 / Michael Waterman / 4 Comments

Introduction

In the realm of Public Key Infrastructure (PKI), where the keys to digital security are exchanged, stored, and safeguarded, cryptographic providers play a pivotal role. These providers are the guardians of cryptographic keys, ensuring the integrity, confidentiality, and authenticity of digital communications. They are the invisible sentinels that underpin the very foundation of trust in the digital world.