![]() ![]() ![]() When we finished with the jumpbox, assuming no one else was logged in, we rebooted them to clear cached credentials. We never elevated to SA or DA from a workstation because the credentials are cached until reboot.Īll servers and management ports were firewalled from the user lan, we had a dedicated jump box with mfa in each site that we used to get behind the interior firewall, from there you could hit admin ports, runas, or rdp into a server. LAPS was deployed for break glass access to workstations.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |