Latest HSGB Outings… Just-In-Time (JIT) Administration

Here’s my latest ‘Hey Scripting Guy! Blog’ outings. This time we have a guest appearance from my team mate, Phil Lane.   I spruced up Phil’s time-bound high privileged group membership proof-of-concept script and the result was a function that can also grant time-bound high privileged access.     Weekend Scripter: Use PowerShell for JIT Administration…

1

Security Focus: Analysing 'Account is sensitive and cannot be delegated' for Privileged Accounts

There are a number of configuration options we recommend for securing high privileged accounts. One of them, enabling 'Account is sensitive and cannot be delegated', ensures that an account’s credentials cannot be forwarded to other computers or services on the network by a trusted application.    The feature that allows an application to act on behalf of a user…

2