Need to run something on all your domain controllers? [System.DirectoryServices.ActiveDirectory.Domain]::GetCurrentDomain().DomainControllers | % { $_.name ; Invoke-Command -ComputerName $_.name -ScriptBlock { Stop-Service Spooler;set-service spooler -StartupType disabled } }

#WindowsServer 2025 offers a slew of new #ActiveDirectory features, but users must migrate their #DomainControllers before they can realize the benefits. techtarget.com/searchwindows…

Explore how read-only #DomainControllers work, what is required to deploy them, and how to maintain and manage them to avoid disruptions. #Microsoft #ActiveDirectory techtarget.com/searchwindows…

𝐇𝐎𝐖 𝐓𝐎 𝐃𝐈𝐒𝐀𝐁𝐋𝐄 𝐏𝐑𝐈𝐍𝐓 𝐒𝐏𝐎𝐎𝐋𝐄𝐑 𝐎𝐍 𝐃𝐎𝐌𝐀𝐈𝐍 𝐂𝐎𝐍𝐓𝐑𝐎𝐋𝐋𝐄𝐑𝐒 Print Spooler is a service that takes care of print management. This includes, but is not limited to, managing printer drivers, scheduling print jobs, etc. Print Spooler had a critical vulnerability in the past referred to as PrintNightmare (CVE-2021-34527). This vulnerability allowed attackers to execute code with administrator privileges. The Print Spooler vulnerability was patched promptly, so if you have updated systems, the immediate risk associated with PrintNightmare is no longer present. And for normal systems, it is usually not feasible to disable Print Spooler. It would make printing impossible, which is usually not desirable. But domain controllers are a critical part of Active Directory and need to be as secure as possible, which means blocking everything that is not needed. And you certainly should not need to print on domain controllers, so it’s a good idea to disable Print Spooler on domain controllers. 📺 Watch my YouTube video bellow on how to disable Print Spooler on Domain Controllers 👇 👇 youtu.be/O80HHKdnbcQ #cswlrd #printspooler #domaincontrollers #printnightmare #videotutorial

Should be more like ([System.DirectoryServices.ActiveDirectory.Domain]::GetCurrentDomain()).DomainControllers

As the #ActivceDirectory forests I care for are all running #DomainControllers on #WindowsServer 2022 with domain & forest functional lever 2016 it is a breeze to prep them for 2025 to leverage scale, security & supportability improvements #MVPBuzz #32KPageSize

Gets some hands-on practice with the #RPCFirewall and #LDAPFirewall in protecting #DomainControllers in the upcoming @DEATHCon2024 !

🚨Out of Band Updates for #LSASS memory leak on #DomainControllers have been released. - Download only via Microsoft Update Catalog - Make sure you have enough free Diskspace bit.ly/3IUQpGz

🚨Microsoft confirms #Bug with #LSASS on #DomainControllers with March Update learn.microsoft.com/en-us/wi…

# You probably want to run AD Domain Controller hardening checks like this before the attackers do it. # Query Active Directory for Domain Controllers $domainControllers = Get-ADDomainController -Filter * foreach ($dc in $domainControllers) { $dcName = $dc.HostName Write-Host "Checking Domain Controller: $dcName" # Check if the Print Spooler service is running on the Domain Controller $printSpoolerStatus = Get-Service -ComputerName $dcName -Name Spooler -ErrorAction SilentlyContinue if ($printSpoolerStatus -ne $null) { if ($printSpoolerStatus.Status -eq "Running") { Write-Host "Print Spooler service is running on $dcName. Disabling the service..." # Stop and disable the Print Spooler service Stop-Service -ComputerName $dcName -Name Spooler -Force Set-Service -ComputerName $dcName -Name Spooler -StartupType Disabled Write-Host "Print Spooler service disabled on $dcName." } else { Write-Host "Print Spooler service is not running on $dcName." } } else { Write-Host "Print Spooler service not found on $dcName." } }

Ich konnte lang liegen gebliebene Texte schreiben und erstmal auf Platte speuchern, bis die VM des Domaincontrollers wieder da war.

#Server2012 #Server2012R2 #EndofSupport is here! Are you ready? No...? Watch these videos Upgrade #Servers - youtu.be/1pEgPnMQ8SA Upgrade #DomainControllers - youtu.be/GHm5ah7Wulo #Migrate #FileServers - youtu.be/22FxyVN4l6c

💣 #Windows #Server2012 #Support is ending #Oct 10 #2023 💣 #DomainControllers will become a #SecurityRisk for YOU! 📽️ #TheAzureAcademy can help you avoid this scenario. #EndofSupport #WindowsServer #ActiveDirectory youtu.be/GHm5ah7Wulo

🛑 Stop what you’re doing and watch this video right now! 🛑 Your #DomainControllers are about to expire! 🛑 YOU need to upgrade them ASAP! 📃 Just follow 5 step plan! youtu.be/GHm5ah7Wulo #TheAzureAcademy #AzureFamily #MSFTAdvocate #EndofSupport #ActiveDirectory

🔥 Don’t let your #DCs Die! 🔥 Watch #TheAzureAcademy to learn how to properly upgrade your #WindowsServer 2012 & 2012R2 🪟 #DomainControllers 🎛️ before the #EndofSupport 💁 on October 10, 2023. Your #ActiveDirectory will thank you 🙏 youtu.be/GHm5ah7Wulo @WSV_GUY

AD Replication Status Tool New Open Source Alternative @JosephRyanRies @vexpert #vmwarecommunities #100daysofhomelab #ActiveDirectoryGuide #ADReplicationStatusTool #ReplicationErrors #TroubleshootingAD #DomainControllers #ReplicationMetadata virtualizationhowto.com/2023…

Getting time from domain controllers in #PowerShell without PS remoting or WMI/CIM. Note that time on domain controllers is UTC & is dynamic [DirectoryServices.ActiveDirectory.Domain]::GetCurrentDomain().DomainControllers

#Microsoft is discontinuing support for #WindowsServer2012 R2 on 10/10/23, and with less than 6 months left admins need to take action NOW! @SanderBerkouwer shows how #ActiveDirectory monitoring & reporting can help smoothly migrate #DomainControllers. 👉enow.software/3IOGCCf

🛡️Protecting your domain controllers is crucial to prevent unauthorized access and security breaches. Understand the potential threats, improve DC security, and continuously monitor for any suspicious activities. semperis.com/blog/ad-securit… #ADsecurity101 #domaincontrollers

👨‍💻 In case you missed the webinar we hosted on The Importance of #ActiveDirectory Monitoring with @SanderBerkouwer, we've got you covered with a recap and a link to the on-demand recording! #AzureAD #DomainControllers #Kerberos enow.software/40fHaHZ