Hi @Lee Dandridge - First enable msDS-SupportedEncryptionType to support
AES on all accounts with a SPN then monitor 4769 events for any use of
RC4. Additionally you should capture and analyze 4768 events for RC4 use
which will identify RC4 using when requesting a TGT. My lasted blog post
explains w...
Great information in the article and the comments; great to know there
are such complete references out there. One question @Jerry Devore , we
are trying to update all the supported ciphers on our internal domain
and want to know which should come first, Remove the RC4 ciphers 1st, or
set the msDS-S...
@pk_Tech It's seem similar my previous situation.For my last problem, I
was point to the related OU and some of the user doesn't have the email
so the script will stuck and stop to send. How I resolve the problem?I
create another same OU, and move the user which do not have email to
this OU.
Hello,thank you for sharing the script, it works perfectly after too
much testings.just to let you know that we can also adjust the script to
lookup users in a specific OU; this way you can send different emails to
each group of users/departments.
Hello @v-liangchen , was it about authenticating from an Azure VM, an
Arc-Enabled VM or from Automation Account? I am not aware of any change
and the replacement you did was basically changing the target to a
different resource not Azure Monitor. Did you grant the necessary
permission to the managed...
Latest Comments