Jess Dodson Righting the Right Rights Active Directory & Domain Security, Administration & Maintenance WIN341 B

Replication FSMO Roles Time Synchronization Trusts DNS & Networking Event Logs Account Administration

repadmin /replsummary

repadmin /showrepl * /errorsonly

repadmin /showutdvec * dc=,dc=

repadmin /queue *

repadmin /failcache

netdom query fsmo

type %systemroot%\debug\netlogon.log | findstr NO_CLIENT_SITE

Ports LDAP 636 – LDAP SSL 3268 – LDAP GC 3269 – LDAP GC SSL 135 – EPC, EPM 53 - DNS 88 - Kerberos 445 – SMB/IP 139 – NetBIOS Session Port 123 – NTP Time Services

DNS events 5774: DNS registration failure 5775: DNS de-registration failure 5781: DNS registration or deregistration failure

Continue your Ignite learning path Pass-the-Hash Attacks: the_hash_attacks Securing Active Directory – Best Practices: Microsoft Security Compliance Manager: Regular AD Maintenance & Checks:

Contact me! (best way!) Linkedin: Blog: