Category Archives: Windows

Older posts
12
02
26
 1 Comment

Debugging Credential Provider with Visual Studio 2022 Remote Debugger

Posted by | Development environments, Windows | Tagged |

I installed Remote Tools for Visual Studio 2022 and run:

(more…)
06
02
26
 Leave a comment

Investigating Credential Providers on Windows

Posted by | Windows |

I registered a sample Credential Provider with the following .reg file:

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\Credential Providers\{5fd3d285-0dd9-4362-8855-e0abaacd4af6}]
@="SampleV2CredentialProvider"

[HKEY_CLASSES_ROOT\CLSID\{5fd3d285-0dd9-4362-8855-e0abaacd4af6}]
@="SampleV2CredentialProvider"

[HKEY_CLASSES_ROOT\CLSID\{5fd3d285-0dd9-4362-8855-e0abaacd4af6}\InprocServer32]
@="SampleV2CredentialProvider.dll"
"ThreadingModel"="Apartment"
(more…)
22
12
25
 Leave a comment

Generating Events 8004 and 8005 in Windows Logs

Posted by | Windows | Tagged |

On DC with IP address 192.168.0.123:

wevtutil sl Microsoft-Windows-NTLM/Operational /e:true
wevtutil qe Microsoft-Windows-NTLM/Operational /q:"*[System[(EventID=8004 or EventID=8005)]]" /f:text
net share

Share name   Resource                        Remark

-------------------------------------------------------------------------------
C$           C:\                             Default share
IPC$                                         Remote IPC
ADMIN$       C:\Windows                      Remote Admin
NETLOGON     C:\Windows\SYSVOL\sysvol\my.local\SCRIPTS
                                             Logon server share
SYSVOL       C:\Windows\SYSVOL\sysvol        Logon server share
The command completed successfully.
(more…)
16
12
25
 Leave a comment

Installing LDAPS certificate on Windows 10

Posted by | Windows | Tagged , , |

I realized that my LDAPS certificate is not trusted with the following command in PowerShell:

certutil -verify ldap.crt
(more…)
28
11
25
 Leave a comment

Experimentations with LDAP/SASL on Ubuntu

Posted by | Ubuntu, Windows | Tagged , , |

SASL

I configured Kerberos on Ubuntu 24.04 WSL and was able to run the following command:

export KRB5_TRACE=/dev/stderr
ldapsearch -H ldap://myserver.my.local -Y GSSAPI

that produced the following output:

(more…)
24
11
25
 Leave a comment

Fixed ERR_PROXY_CONNECTION_FAILED in Google Chrome

Posted by | Windows |

By disabling this proxy:

(more…)
10
10
25
 Leave a comment

Checking LDAPS logs on a domain controller

Posted by | Windows | Tagged |

Directory Service logs

I set Verbose level:

(Get-ItemProperty "HKLM:\SYSTEM\CurrentControlSet\Services\NTDS\Diagnostics")."16 LDAP Interface Events"

0

Set-ItemProperty -Path "HKLM:\SYSTEM\CurrentControlSet\Services\NTDS\Diagnostics" -Name "16 LDAP Interface Events" -Value 5
(more…)
08
10
25
 2 Comments

How to remove terribly annoying English/Russian keyboard layout

Posted by | Windows |
(more…)
30
09
25
 2 Comments

Enabling LDAP over SSL

Posted by | Windows | Tagged |

Add Certificate Manager role

Enable probably something like Certificate Manager role on DC:

(more…)
18
09
25
 2 Comments

Increasing MaxConcurrentApi Kerboros parameter on a Domain Controller

Posted by | Windows |

I increased MaxConcurrentApi value of type DWORD in HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Kerberos\Parameters:

(more…)
Older posts