We recently had a case where a customer saw the following unfriendly message during an administrator password reset against a user. The administrator performed the same reset from another DC in his environment (the same password against the same... Read More
Active Directory - Technical
Categories
Building a password dictionary: Overview and best practices
As long as users continue using common/predictable passwords, dictionary attacks will continue to work. Hackers are not the only ones who can take advantage of password predictability. The best protection against a dictionary attack is using a dictionary during... Read More
How to create a fine-grained password policy in AD
For the first eight years of Active Directory, the only native way of having multiple password policies in your AD forest, was to have multiple domains. When Windows Server 2008 arrived on the scene, Microsoft introduced the concept of... Read More
How things work: Group Policy Caching
The release of Windows 8.1 and Server 2012 R2 introduced a new Group Policy concept called Group Policy Caching. Its purpose is to reduce the time it takes to perform certain scenarios for synchronous foreground Group Policy refresh. Here’s... Read More
The data present in the reparse buffer is invalid 0x80071128
A number of Specops Deploy App and Specops Inventory customers have recently reported the following error: Exception: System.IO.IOExceptionThe data present in the reparse point buffer is invalid. We believe this is a general Microsoft group policy related issue, caused... Read More
Are my computers patched against Meltdown and Spectre?
Following the discovery of the Meltdown and Spectre vulnerabilities, we have had a number of enquiries from customers about tools that can identify affected machines in their environment. Microsoft has prepared a PowerShell script that can run on individual... Read More
How to remove insecure TLS protocols on your Password Reset System
A customer recently reported a problem with their Specops DMZ server after users were unable to reset their passwords via the password reset mobile app. The customer reinstalled the DMZ server, but still no success. Typically when we run... Read More
ADUC Menu Extensions in Specops Products
A user in Active Directory may be affected by a Group Policy extended with Specops settings. Many Specops products add an extension to the Active Directory Users and Computers (ADUC) console. Right-clicking on a user object will display new... Read More
Removing DHCP options 66 and 67 for WDS PXE booting
When our Specops Deploy customers run into errors during PXE boot, the likely culprit is often DHCP scope options 66 and 67. Aside from Microsoft not supporting the use of the aforementioned options to redirect PXE clients, it can... Read More
3 reasons why a client is not PXE booting and how to fix it
In this blog post, we will go over a few scenarios where a client might not PXE boot as expected. If you’re not familiar with the PXE boot functionality used by Specops Deploy, you might want to start here.... Read More