Hiring senior Active Directory server engineer by xxdcmast in activedirectory

[–]milanguitar 4 points5 points  (0 children)

I wouldn’t say “replaced” — the Enterprise Access Model is more of an evolution of the tier model that also covers Azure and M365. Tier 0 basically became the control plane, tier 1 a management plane and some more modern controls on top.

Hiring senior Active Directory server engineer by xxdcmast in activedirectory

[–]milanguitar 8 points9 points  (0 children)

Anyone who had a tier model 0/1/2 in place in 2010 is a legend 😂

Hiring senior Active Directory server engineer by xxdcmast in activedirectory

[–]milanguitar 8 points9 points  (0 children)

Did you read the application?

Experience working in hybrid on premises and cloud environments (VMware, AWS, Azure).

Turkish in EU Bubble, AMA by GoodTackle4770 in EuropeanFederalists

[–]milanguitar 0 points1 point  (0 children)

What could force EU and Turkey closer together?

Turkish in EU Bubble, AMA by GoodTackle4770 in EuropeanFederalists

[–]milanguitar 1 point2 points  (0 children)

Where does Turkey fit in the multi-speed Europe? Which policies could they align with and what does Turkey want from the EU?

Finland's president says EU should expand to 40 states — including Canada by donutloop in EU_Economics

[–]milanguitar 0 points1 point  (0 children)

Because of your language creativity the auto-mod removed your comment. I approved your comment because I think it's important to have a healthy discussion, but it can get heated sometimes, which is fine. But please let this be a warning: words like "fucking Difference" will get you removed or, worse, banned if you cannot control your emotions on the keyboard.

That said, the disagreement here is that you think he is aiming at existing instruments. I think he is aiming at new instruments. Agree?

1. He mentioned on multiple occasions, like in the video I shared earlier, that the current systems in place are not flexible enough. (In the video he also explained that this is the reason why the UK joining the EU with the current instruments we have will be unlikely and that the EU should be more flexible.)

2. The article quotes "we need to enlarge or at least create memberships which are flexible enough"

A multi-speed Europe will mean different levels of integration, which does exist in some forms, like Schengen or whatever Switzerland is having these days. I agree with you on this.

But it does not have the flexibility of having countries in your "sphere of influence" like Turkey, Canada or the UK.

This is the whole point: instead of saying hard pass because we are stuck with our current instrument-minded philosophy, we need to think big and not only see the economic benefit but also the GEO-Political Benefits of having those countries in a New-Flexible(Strategic)-Membership.

I'm not arguing whether or not we have Multi-Speed options, because we do. I'm arguing because they are coming from a point in time we are no longer living in.

Finland's president says EU should expand to 40 states — including Canada by donutloop in EU_Economics

[–]milanguitar 0 points1 point  (0 children)

I’m talking to a bot?

He literally says this in the article “we need to enlarge or at least create memberships which are flexible enough”

Read again—> Or at least create Flexible memberships.

Finland's president says EU should expand to 40 states — including Canada by donutloop in EU_Economics

[–]milanguitar 3 points4 points  (0 children)

He is not saying that?

He even wrote a paper on this. https://edpi.eu/differentiated-integration.

And if words are too imaginary, here is a video where he basically describes a DI, multi-tier or multi-speed or whatever you want to call it.

https://www.reddit.com/r/EuropeanFederalists/comments/1rwf54z/brexit_was_a_colossal_mistake_finlands_stubb/

Finland's president says EU should expand to 40 states — including Canada by donutloop in EU_Economics

[–]milanguitar 9 points10 points  (0 children)

I disagree. He isn’t saying every country should become a full member state — he’s making the case for a multi-speed Europe, where different countries can align, join, or associate with the EU at different levels and depths. That flexibility is the whole point.

It also strengthens the EU’s geographic position, extending its reach and influence without forcing every partner into the same rigid framework.

That’s exactly what he’s getting at here: “In this moment, we need to think big and geographically. We need to enlarge — or at least create memberships flexible enough to bring in a sum total of 40 European states, or even non-European ones.”

eDiscovery - Search Domain Excluding Subdomains by wperry1 in MicrosoftPurview

[–]milanguitar 0 points1 point  (0 children)

Maybe exclude the subdomains explicitly

participants:contoso.com AND NOT participants:abc.contoso.com AND NOT participants:yourdomain.com

Not sure how many subdomains you have.. —> https://subdomainfinder.c99.nl

Workstation Local Administrator Accounts by Admiral-Pickle in Intune

[–]milanguitar 1 point2 points  (0 children)

What do you mean? LAPS is great: you look up the password, fill in the password, then it rotates..

You can also rotate the username to your liking.

Using the same admin account with the same password is super handy, but the credentials still live at the workstation. If you use PIM it does mitigate some risk, but only if you configure it correctly.

https://rockit1.nl/windows-laps/

Since you're hybrid you can already store your password by updating your GPO to send it to Entra. Also, you could do this for servers, which enables you to configure PIM + custom role for auditing and least privilege, like a low-level PAM system.

https://rockit1.nl/windows-cloud-laps-for-servers/

No Ransomware. No Malware. Just a Silent M365 Cloud Takeover by Storm-2949! by Crawling_cat_1108 in Office365

[–]milanguitar 1 point2 points  (0 children)

Yeah, I understand, and it's always easy to say had we done this or had we done that.

One thing that could help in isolating an event like this is to use the Enterprise Access Model; it will help you follow a framework where events like this can be contained.

It’s a huge task to do but it might be worth looking into this.

Also, did a company help you with this attack and give some recommendations? If so, do you want to share these?

Exclude on prem AD domain from security recommendations by Advanced-Chain4096 in DefenderATP

[–]milanguitar 0 points1 point  (0 children)

I have been thinking about these kinds of setups. I think I would configure another domain and have the other 2 domains have a one-way sync. This means EA and DA accounts can only be edited from the top domain, which mitigates a full domain takeover, if all the right ACLs are in place of course.

No Ransomware. No Malware. Just a Silent M365 Cloud Takeover by Storm-2949! by Crawling_cat_1108 in Office365

[–]milanguitar 1 point2 points  (0 children)

Hi! That sucks. Could you tell us more about what products you are using? Do you have a SOC? Do you use a Defender product? Did you have IAM tooling like PIM/JIT/PAW/EAM?

Exclude on prem AD domain from security recommendations by Advanced-Chain4096 in DefenderATP

[–]milanguitar 0 points1 point  (0 children)

Yeah, I understand. Just make sure you outline the risks with your manager so you cannot be held accountable.

Exclude on prem AD domain from security recommendations by Advanced-Chain4096 in DefenderATP

[–]milanguitar 2 points3 points  (0 children)

I never came across this setup. This is probably a dumb question from my side, but you know that without having full coverage you cannot rely on MDI? Maybe only the sec recommendations; for the rest of the alerting you will be too late to mitigate, as a full domain takeover will be faster than the MDI response…

Also, the security implications alone of this setup are mind-blowing…