Skip to content

MAHARJAN-BINOD

"Innovate, Implement, Inspire."

Menu
    • Azure (AZ) – MAIN
      • Azure Communication Service
      • Azure-Site-Recovery
    • Blog
    • Group Policy Series
    • Microsoft365 – MAIN
      • M365-Intune
      • SharePoint-Online (SP-Online)
    • My Blogs
    • Office-Online-Server (OOS)
    • Windows-Server-Update-Service (WSUS)
    • MAHARJAN-BINOD
    • Active-Directory (AD) – MAIN
      • ACTIVE DIRECTORY CERTIFICATE SERVICES
      • ACTIVE DIRECTORY DOMAIN SERVICES
      • AD Security Hardening
      • AD-PowerShellScript
      • AZURE-ADCONNECT
      • DOMAIN NAME SERVER (DNS)
      • FILE-SERVER
      • GPOs
    • Exchange – MAIN
      • Exchange-Server-2019-CU13
      • Exchange-Server-2019-CU15
      • Exchange-Server-SE
      • MFA-FOR-OWA

AD-SECURITY

ACTIVE-DIRECTORY / AD-SECURITY

Understanding Kerberoasting and the Vulnerability of SPNs

Active Directory (AD) relies heavily on the Kerberos protocol for authentication. While highly secure when configured correctly, legacy architectural decisions and traditional service account management create significant security blind spots. …

ACTIVE-DIRECTORY / AD-SECURITY

The Domain Controller Death Trap: Hardening the Print Spooler in 2026

Active Directory Vulnerability: The Print Spooler on Domain Controllers Posted on May 14, 2026 | By Security Research Team Even in 2026, the Print Spooler remains a Tier-0 attack vector. …

ACTIVE-DIRECTORY / AD-SECURITY

AD Security Series Part 1: How to Audit and Fix Kerberoasting & AS-REP Roasting

Introduction Start by explaining that attackers don’t always need to “break in”—sometimes they just “ask.” “In Active Directory, certain accounts are configured in a way that allows any authenticated user …

Copyright © 2026 MAHARJAN-BINOD. All rights reserved.