Active Directory

If it's not DNS, then it has to be the network

A few months back, I came across a peculiar issue in my production network. We had three data centers with WAN links between them. Each had a Domain Controller, and one location had two (a regular DC and a Read Only Domain Controller). One of my colleagues reported an intermittent replication issue that was discovered only after one of the DCs failed, which of course happened not long before my arrival.

Path of least privilege in AD

We utilize the Microsoft ESAE/Red Forest model in my production environment for our Active Directory security hardening. What is this? Well, it's the path of least privilege in Active Directory. According to this Microsoft article, the underlying principles can be achieved in as few as three concepts, summarized below. Phase 1 of the roadmap is focused on quickly mitigating the most frequently used attack techniques of credential theft and abuse. Phase 1 is designed to be implemented in approximately 30 days and is depicted in this diagram: