Amar Kulo

Me and my unorganized thoughts

Category: Operating systems

Integrating database of pwned password hashes with Microsoft AD

Few weeks ago, Troy Hunt has released password hash dumps from haveibeenpwned.com site. Dumps are large, splitted to 3 parts and contains 324+ millions of hashes. In this blog post I will show you how to integrate that large hash dump with Microsoft Active Directory and enable DC servers to check against that list before allowing user to change their password.

Microsoft has one feature that has been present since Windows server 2003 and it’s called password filters. It’s not often used as it’s meant to be used as an additional method for adding more complexity to password requirements in larger organisations. The smaller organisations and companies are sticking with the rules that are already present in Windows (both server and workstations), which are:

  • enforce password history
  • minimum password age
  • maximum password age
  • minimum password length
  • password must meet complexity requirements
  • store passwords using reverse encryption

There are some commercial solutions that can add more complex requirements to this list, but price tag is quite high. As soon as you see “contact us for price” you can count with that.

Continue reading

How to reinstall macOS when you get “application is damaged” error

Today I was trying to reinstall an older Mac Mini and installation keep failing with error: “This copy of the Install macOS Sierra.app application is damaged, and can’t be used to install macOS.”

I have tried Yosemite, High Sierra beta (the latest one b6) but still the same error happened so I started wondering why it would fail. One look in the terminal on date and time showed that Mini thought it’s 2001 so package couldn’t be verified and thus installed as verification failed.

Continue reading

© 2017 Amar Kulo

Theme by Anders NorenUp ↑