Active Directory and DNS: A Match Made in Heck - Understanding Directory Services Integration
BSidesCharm via YouTube
Overview
Explore the intricate relationship between Active Directory and DNS in this 46-minute conference talk from BSidesCharm 2023, presented by security experts Jim Sykora and Jake Hildreth from Trimarc. Gain insights into maintaining a robust directory service platform by understanding how Active Directory integrates DNS functionality with LDAP database and Kerberos authentication. Learn essential concepts including Forest DNS, Microsoft DNS configurations, explicit access controls, DNS zones, conditional forwarders, and DNS policies. Discover defensive strategies for DNS security, auditing practices, and best practices for outsourcing DNS. The presenters combine their extensive experience - Sykora's background in identity security and system administration, and Hildreth's expertise in Active Directory security assessments for Fortune 500 companies - to deliver practical knowledge for maintaining secure and efficient AD-DNS implementations.
Syllabus
Introduction
Who are we
Active Directory and DNS
AD and Kerberos
Forest DNS
Microsoft DNS
Explicit Access Controls
Something Completely Different
Evil Sinkhole
DNS Zones
Conditional Forwarders
DNS Policies
Active Directory
Outsource DNS
DNS Defenses
Auditing DNS
Blue Tuxedo
Thank You
Questions
Taught by
BSidesCharm