Ask the Experts

Ask the Experts

Active Directory security

• How to detect and defend against a TCP port 445 exploit and attacks

  The WannaCry TCP port 445 exploit returned the spotlight to Microsoft's long-abused networking port. Network security expert Kevin Beaver explains how to detect and defend against such attacks.  Continue Reading

• QakBot malware: How did it trigger Microsoft AD lockouts?

  QakBot malware triggered hundreds of thousands of Microsoft Active Directory account lockouts. Discover the malware's target and how these attacks are being carried out.  Continue Reading

• How does the CLDAP protocol DDoS amplification attack work?

  DDoS amplification attacks that use the CLDAP protocol are a new threat to enterprises. Expert Matthew Pascucci explains how they work and how enterprises can protect themselves.  Continue Reading

• Can a read-only domain controller maximize DMZ security?

  Are read-only domain controllers a more secure option for setting up domain services in a DMZ than using a separate domain? Expert Kevin Beaver explains.  Continue Reading

• IMEI authentication: OK as a mobile authenticator?

  Is IMEI authentication a secure choice when considering a mobile authenticator? Randall Gamby explains why it may not be a wise choice.  Continue Reading

• Enterprise user de-provisioning best practices: How to efficiently revoke access

  Misplaced or stagnant employee access can be dangerous; Randall Gamby details user provisioning best practices for setting up a system to combat this risk.  Continue Reading

• Role-based access control: Making an enterprise RBAC implementation easier

  Learn the benefits of role-based access control based on job functions of network accessing employees, and how to make an RBAC implementation easier.  Continue Reading

• OpenLDAP migration: OpenLDAP from an Active Directory schema

  While integrating user provisioning products may seem like a lot of work, there are strategies to make it go smoothly. In this expert response, Randall Gamby describes how to incorporate OpenLDAP into an Active Directory schema.  Continue Reading

• How to grant local admin rights with Global Policy Objects

  When granting local admin rights, it's important to do it securely. Learn how to use Global Policy Objects and global security groups to do it correctly.  Continue Reading

• Choosing management for Active Directory user provisioning

  Who's in charge of Active Directory user provisioning at your organization? Learn how to choose the most effective user provisioning management method from expert Randall Gamby.  Continue Reading

• LDAP signing requirements for various directory configurations

  While there is no longer a standard directory configuration, it is still possible to implement LDAP signing in most environments. Learn more about LDAP signing requirements from IAM expert Randall Gamby.  Continue Reading

• How to edit group policy objects to give a user local admin rights

  Giving a user local admin rights to his or her computer alone can be a tricky prospect. In this expert answer, Mike Chapple explains what Group Policy objects can and can't do to make this happen.  Continue Reading

• Do the Group Policy Object and 'Password Never Expires' flag interact?

  How does the Group Policy Object interact with the 'Password Never Expires' flag in Active Directory? Identity and access management expert Joel Dubin explains.  Continue Reading

• What are the benefits of identity managed as a service?

  How do Software as a Service (SaaS) and IAM interact? Identity and access management expert Joel Dubin weighs in on how to approach the integration of the two.  Continue Reading

• What is the best way to securely change the local administrator password in a domain?

  Identity management and access control expert Joel Dubin unveils how a corporation can change local administrator accounts and passwords on a domain system.  Continue Reading

• Will enabling Group Policy password settings affect existing user accounts?

  In this expert response, identity management and access control expert Joel Dubin discusses the affect that Active Directory Group Policy password settings can have on user accounts.  Continue Reading

• How secure is the Windows registry?

  In this SearchSecurity.com Q&A, platform security expert Michael Cobb explains the weaknesses of the Windows registry and explores other OS alternatives.  Continue Reading

• How to create an optional login for the same application

  In this SearchSecurity.com Q&A, application security expert Michael Cobb explains how to create optional logins for your applications.  Continue Reading

• Training for Active Directory security

   Continue Reading

• Common authentication mechanism for LDAP and IMAP

   Continue Reading