AD Domain Services / Authentication & Protocols

Identifying unsecure SPN configurations

Identifying Insecure SPN Configurations in Active Directory (Detection + Fix Runbook)

Service Principal Names (SPNs) are a core part of how Kerberos knows which service you’re trying to reach and which account should decrypt the service ticket. That also makes SPNs a high-signal control point for both security and reliability: weak service-account hygiene, legacy…

AD object indexing vs LDAP query optimization: choose the right lever for fast, reliable AD searches

Active Directory is brilliant at answering questions fast—until it isn’t. When helpdesk tools, HR syncs, or SIEM dashboards start firing dozens of searches per second, tiny inefficiencies compound. Queries time out. CPUs spike on domain controllers. Someone inevitably says, “Let’s just index that attribute.” Sometimes that’s right. Often, it’s hiding a bad query. Snapshot…

How to Use Azure AD for LDAP Authentication

LDAP (Lightweight Directory Access Protocol) is a protocol used for accessing and managing directory information over an IP network. It is widely used in enterprise environments to authenticate users against a centralized directory service such as Active Directory. Azure Active Directory (Azure AD) is a cloud-based identity and access management service provided by Microsoft. It provides a…

Active Directory LDAP Field - Attribute Mappings

While accessing Active Directory Users and Computers (ADUC), it can be observed that Microsoft has used user-friendly names for the input fields. These fields are mapped to the LDAP (Lightweight Directory Access Protocol) attributes. You can access the hidden tab within ADUC, which lists all the attributes and their respective values. The reason for understanding and learning about these…

Integrating AD with LDAP

Introduction: Active Directory (AD) is a directory service that stores information about objects on the network in a logical and hierarchical manner. Administrators control and manage access to network resources based on the permissions assigned to the AD user role. Lightweight Directory Access Protocol (LDAP) is a simplified version of the Directory Access Protocol (DAP). LDAP’s primary…

An Introduction to Lightweight Directory Access Protocol (LDAP)

What is LDAP? The Lightweight Directory Access Protocol, commonly known as LDAP, is a communication protocol used to access directory servers. In other words, LDAP is used to store, update and retrieve data from a directory structure. The term “lightweight” is used in comparison with X.500, which was the previous standard for directory services. X.500 was complicated, and it relied on…

NTLM authentication and Kerberos Authentication Protocols Explained

What you will learn: A network needs to have security processes put in place to avoid the misuse of its resources. An authentication process goes a long way in identifying whether a person is who they say they are, or a fraud. Active Directory employed the NTLM authentication protocol to securely authenticate its users, which was then succeeded by the Kerberos authentication protocol. In this…