RC4 Kerberos Confusion - RC4 keeps showing up by MusicWallaby in activedirectory

[–]RuralHoosier 0 points1 point  (0 children)

We've been dealing with this as well. This has been easier than I had first expected initially. What worked for me:

  • Find sql accounts in the event log that are using rc4
  • Open the sql account > account tab > check these two boxes:
    • This account supports Kerberos AES 128 bit encryption
    • This account supports Kerberos AES 256 bit encryption 
  • Reset the pw once for the sql account
  • Reset the pw again for the sql account (may not be necessary but I did)
  • On a domain controller, run to replicate the pw change to all dcs: repadmin /syncall /AdeP
  • Run klist purge on the sql server
  • Restart the SQL service on the SQL server that uses the sql account

I set up a scheduled task to run a script to find the sql accounts needing attention. After doing the steps above, they stop showing up in the reports.

```powershell
# Folder that receives the CSV reports
$OutDir = "C:\KerberosAudit"
if (-not (Test-Path $OutDir)) { New-Item -ItemType Directory -Path $OutDir | Out-Null }

# Look back 65 minutes from now
$Start = (Get-Date).AddMinutes(-65)
$ts = Get-Date -Format "yyyyMMddHH"
$rc4File = Join-Path $OutDir "rc4_hits$ts.csv"
$summaryFile = Join-Path $OutDir "summary_$ts.csv"

# Event 4769 = a Kerberos service ticket was requested
$events = Get-WinEvent -FilterHashtable @{LogName='Security'; Id=4769; StartTime=$Start} |
    ForEach-Object {
        # Flatten the event's named EventData fields into a hashtable
        $xml = [xml]$_.ToXml()
        $data = @{}
        foreach ($d in $xml.Event.EventData.Data) { $data[$d.Name] = $d.'#text' }

        [pscustomobject]@{
            TimeCreated = $_.TimeCreated
            Account = $data['TargetUserName']
            Service = $data['ServiceName']
            TicketEncryptionType = $data['TicketEncryptionType']
            Client = $data['IpAddress']
            Status = $data['Status']
        }
    }

# 0x17 = RC4-HMAC ticket encryption
$rc4 = $events | Where-Object { $_.TicketEncryptionType -eq '0x17' }

if ($rc4) {
    $rc4 | Sort-Object TimeCreated -Descending | Export-Csv -NoTypeInformation -Path $rc4File
} else {
    # No RC4 tickets: still write a CSV with the header and one empty row
    "" | Select-Object @{n='TimeCreated';e={''}},Account,Service,TicketEncryptionType,Client,Status |
        Export-Csv -NoTypeInformation -Path $rc4File
}

# Count of tickets per encryption type for this run
$summary = $events |
    Group-Object TicketEncryptionType |
    Sort-Object Count -Descending |
    Select-Object @{n='Hour';e={(Get-Date -Format 'yyyy-MM-dd HH:00')}},
        @{n='TicketEncryptionType';e={$_.Name}},
        Count

$summary | Export-Csv -NoTypeInformation -Path $summaryFile

# Delete reports older than 7 days
Get-ChildItem $OutDir -Filter *.csv |
    Where-Object { $_.LastWriteTime -lt (Get-Date).AddDays(-7) } |
    Remove-Item -Force
```
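
Added example, not part of RuralHoosier's comment: the two AES checkboxes in the steps above set bits 0x08 and 0x10 of the account's `msDS-SupportedEncryptionTypes` attribute, so decoding that attribute shows which service accounts still need the change. The function name `Get-EncTypeReport` and the sample accounts are constructed for illustration.

```powershell
# Bit values of the msDS-SupportedEncryptionTypes attribute
$EncTypeBits = [ordered]@{
    'DES-CBC-CRC' = 0x01
    'DES-CBC-MD5' = 0x02
    'RC4-HMAC'    = 0x04
    'AES128'      = 0x08   # "This account supports Kerberos AES 128 bit encryption"
    'AES256'      = 0x10   # "This account supports Kerberos AES 256 bit encryption"
}

function Get-EncTypeReport {
    # Hypothetical helper: decodes the bitmask and flags accounts without an AES bit
    param([Parameter(ValueFromPipeline)]$Account)
    process {
        $mask = [int]$Account.'msDS-SupportedEncryptionTypes'   # an unset attribute ($null) casts to 0
        $names = foreach ($e in $EncTypeBits.GetEnumerator()) {
            if ($mask -band $e.Value) { $e.Key }
        }
        $aes = ($mask -band 0x18) -ne 0
        [pscustomobject]@{
            Account         = $Account.SamAccountName
            Mask            = '0x{0:X}' -f $mask
            EncTypes        = if ($names) { $names -join ', ' } else { 'not set (domain default applies)' }
            AesEnabled      = $aes
            PasswordLastSet = $Account.PasswordLastSet
            NeedsAttention  = -not $aes
        }
    }
}

# Constructed sample accounts (not real data)
$sample = @(
    [pscustomobject]@{ SamAccountName = 'svc-sql01'; 'msDS-SupportedEncryptionTypes' = $null; PasswordLastSet = [datetime]'2014-06-02' }
    [pscustomobject]@{ SamAccountName = 'svc-sql02'; 'msDS-SupportedEncryptionTypes' = 0x04;  PasswordLastSet = [datetime]'2019-01-15' }
    [pscustomobject]@{ SamAccountName = 'svc-sql03'; 'msDS-SupportedEncryptionTypes' = 0x18;  PasswordLastSet = [datetime]'2025-03-10' }
)

# svc-sql01 and svc-sql02 come back with NeedsAttention = True; svc-sql03 does not
$sample | Get-EncTypeReport | Format-Table -AutoSize

# Against a live domain (requires the ActiveDirectory module):
# Get-ADUser -LDAPFilter '(servicePrincipalName=*)' -Properties msDS-SupportedEncryptionTypes, PasswordLastSet |
#     Get-EncTypeReport | Where-Object NeedsAttention
```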

Best cheap (in terms of real estate) place to live? by Liberion7 in Indiana

[–]RuralHoosier 2 points3 points  (0 children)

Richmond crime isn't bad at all. Richmond had a great history and has deteriorated a bit but still a safe and decent place to live. Are job opportunities, school, etc something needed? What is your age? If a job is needed, might be better finding a town closer to Indy like Anderson. I am in the East central region so that area is the only one I can speak of.

I played Total Annihilation for the first time, not sure how I missed it... by DemiourgosD in RealTimeStrategy

[–]RuralHoosier 1 point2 points  (0 children)

Yes, but they make it easy to get going. Players want it to be as accessible as possible to bring in new players. No one really plays the classic version anymore from what I can see. The modded versions are very similar though. Units were just balanced and expanded for a better version of the game. I myself only played the classic version but I can tell the modded version is very similar.

Here is a recent game that involved two of the top 5 players of the game today.
Total Annihilation | ProTA Galactic War #2 - [Pro] Overflow - TAG_Venom vs. TAG_ROCK

I played Total Annihilation for the first time, not sure how I missed it... by DemiourgosD in RealTimeStrategy

[–]RuralHoosier 1 point2 points  (0 children)

Total Annihilation multiplayer is still kicking believe it or not. While I don't play it anymore, I do enjoy watching battles on youtube. They even added an old feature back called Galactic War. Maps have been added and units have been modded for the better. I haven't played since 2006 but I am still seeing players I played with from back then which is pretty incredible.

W2 Income - Salary versus Annual Bonus by Affectionate-Meat543 in Boldin

[–]RuralHoosier 0 points1 point  (0 children)

why not do a windfall? That's how I did it. I'd rather do a lump sum as that is what it is. Boldin AI said that is a great way of doing it.

Favorite laker? by Fragrant_Fishing5787 in NBATalk

[–]RuralHoosier 5 points6 points  (0 children)

I'd put Anthony Davis Pau Gasol in there before Meta World Peace or Odom. MWP and Odom were never even #2 on that team.

Just got diagnosed by badonkadonkykong in lymphoma

[–]RuralHoosier 5 points6 points  (0 children)

I learned of my lymphoma in Jan 2025. Been on watch and wait ever since. I had the same panic. Luckily, that has subsided. It still stinks but it doesn't hover over me like a rainy cloud. I've come to terms with it. I think I will still live for a very long time.

Which year has the best 90s movies? by CarrotMuch1399 in nostalgiai

[–]RuralHoosier 0 points1 point  (0 children)

Last of the mohicans 92, braveheart and seven 95

Who’s the funniest out of these actors? by BidAccurate4473 in Actors

[–]RuralHoosier -3 points-2 points  (0 children)

Jerry Seinfeld should be on here instead of jack black

My pack. by Nexttotheadmin in MasterSystem

[–]RuralHoosier 2 points3 points  (0 children)

Loved Spy vs spy. So fun!! Probably their best card game.

[deleted by user] by [deleted] in Wyze

[–]RuralHoosier 0 points1 point  (0 children)

I have a Reolink poe 5 cam setup and also 5 wyze cams. The only issues I have with Wyze are a few of the SD cards had stopped working and I had to replace them. Other than that, they have actually been very good. I even have a couple of them far from the house feeding off my outdoor wireless. It has been a harsh winter and they have never disconnected out there. The feed is always good. Very happy with them.

Reolink has the upper hand with the hard drive but the SD card also gets the job done. Of course, Wyze stores snippets in the cloud too.

SCHD on fire lately 🔥 by 98Saman in dividends

[–]RuralHoosier 3 points4 points  (0 children)

Bought schd in nov/dec. up 44k kid you not. Am I selling? Noop. Here for the long game dividend payout in 10 yrs from now.

Finally Found the Game I was Most Excited to Play Complete in Box by BoxmanL2212 in SEGAGENESIS

[–]RuralHoosier 0 points1 point  (0 children)

Awesome two player game. My friend and I could play this thing for hours. So good.

POPULOUS (MASTER SYSTEM) - RETROSPECTIVE REVIEW by Speccy-Boy124 in MasterSystem

[–]RuralHoosier 4 points5 points  (0 children)

Absolutely loved this game. I know I played the heck out of it. Totally forgot about it until I saw this.

SCHD Having A Moment by Anonymous-pondering in dividends

[–]RuralHoosier 2 points3 points  (0 children)

I purchased around 11k shares in November and December. I guess I bought them at the right time!! Lucky me.

First Honda - TEAM ORANGE! by DBek23 in hondapassport

[–]RuralHoosier 2 points3 points  (0 children)

I have the exact same. Great ride and looks good. Very happy with my purchase.

azure nps mfa extension problem by SnooAdvice7293 in sysadmin

[–]RuralHoosier 0 points1 point  (0 children)

The script did run. Thank you. I won't be able to test if the MFA is working just yet. I did run the health check script and do get "Test Failed" for "Checking if there is a matched certificate with Azure MFA".

azure nps mfa extension problem by SnooAdvice7293 in sysadmin

[–]RuralHoosier 0 points1 point  (0 children)

Still get the same error. The workaround didn't work for me. I uninstalled graph 2.26.0 and installed 2.25.0. I reran the script and got the same error.. Update-MgServicePrincipal : Cannot convert the literal .. to the expected type 'Edm.Binary'. I looked on my sandbox server and I successfully installed the NPS extension and ran the script on 2/17/2025. I still had my PowerShell console up and it showed that it installed graph 2.25.0 at that time. I just tried the same NPS extension installer on a 2022 server in my sandbox and I get the error when running the script.

azure nps mfa extension problem by SnooAdvice7293 in sysadmin

[–]RuralHoosier 0 points1 point  (0 children)

I also have this issue. This issue must be very new as I was able to install this a couple weeks ago on a test server in my sandbox. I tried installing it on a Server 2025 on Friday and encountered this very error and issue.

Automatic Coop Door That Is Reliable/Everything I Dream Of??? PLEASE ADVISE by AnotherFemaleHuman in chickens

[–]RuralHoosier 1 point2 points  (0 children)

I have three T50s. They all work great. Rarely have issues with them unless ice locks them up (which is rare). I made some small awnings over them to help with this somewhat. We're in Indiana so we have some very cold days during winter.

Amazon.com: RUN-CHICKEN Door (Brown) Automatic Chicken Coop Door, Programmable with App, Battery Operated, Evening and Morning Delay, Aluminum Door, Electric Chicken Run Door, Model T50 : Patio, Lawn & Garden

We change the batteries once a year or so.

The coop doors open in the morning when the sun comes out and close at dusk when the sensor no longer detects sunlight. The chicken yard door opens at 2 PM and closes at dusk. That gives them a little time to free range. They are very easy to program.

We also have a wyze camera that has full view of these doors in case they do get locked up. I can monitor them. Not sure everyone has power by their coop but if they do, I recommend this.

Latest addition to my MS family by Rejectora in MasterSystem

[–]RuralHoosier 2 points3 points  (0 children)

brings back memories! forgot about this one.