home.social

#gmsa — Public Fediverse posts

Live and recent posts from across the Fediverse tagged #gmsa, aggregated by home.social.

  1. 🔐 Secure PowerShell remoting made simple. At #PSConfEU 2025, Bartek Bielawski showed how Constrained Endpoints + gMSA limit risks while keeping admins efficient. 🎟️ Early bird 2026 tickets → psconf.eu #PowerShell #Security #gMSA #Remoting

    - YouTube

  2. 🔐 Secure PowerShell remoting made simple. At #PSConfEU 2025, Bartek Bielawski showed how Constrained Endpoints + gMSA limit risks while keeping admins efficient. 🎟️ Early bird 2026 tickets → psconf.eu #PowerShell #Security #gMSA #Remoting

    - YouTube

  3. 🔐 Secure PowerShell remoting made simple. At #PSConfEU 2025, Bartek Bielawski showed how Constrained Endpoints + gMSA limit risks while keeping admins efficient. 🎟️ Early bird 2026 tickets → psconf.eu #PowerShell #Security #gMSA #Remoting

    - YouTube

  4. 🔐 Secure PowerShell remoting made simple. At #PSConfEU 2025, Bartek Bielawski showed how Constrained Endpoints + gMSA limit risks while keeping admins efficient. 🎟️ Early bird 2026 tickets → psconf.eu #PowerShell #Security #gMSA #Remoting

    - YouTube

  5. 🔐 Secure PowerShell remoting made simple. At #PSConfEU 2025, Bartek Bielawski showed how Constrained Endpoints + gMSA limit risks while keeping admins efficient. 🎟️ Early bird 2026 tickets → psconf.eu #PowerShell #Security #gMSA #Remoting

    - YouTube

  6. Использование gMSA в Linux-контейнерах

    Зачем вообще использовать gMSA в контейнерах? Group Managed Service Accounts (gMSA) решает проблему хранения и обновления сервисных паролей: пароль хранится только в AD и регулярно обновляется автоматически. Использование gMSA позволяет не менять уже настроенные ACL и роли на файловых шарах и SQL-серверах - приложения продолжают работать с прежними правами через корпоративные Kerberos/SPN-механизмы. Такая интеграция обеспечивает прозрачный и контролируемый переход классических приложений в контейнерную инфраструктуру Kubernetes. Посмотрим как это работает на примере простого кроссплатформенного dotnet-приложения.

    habr.com/ru/articles/956196/

    #gMSA #credentialsfetcher #k8s #linux

  7. Использование gMSA в Linux-контейнерах

    Зачем вообще использовать gMSA в контейнерах? Group Managed Service Accounts (gMSA) решает проблему хранения и обновления сервисных паролей: пароль хранится только в AD и регулярно обновляется автоматически. Использование gMSA позволяет не менять уже настроенные ACL и роли на файловых шарах и SQL-серверах - приложения продолжают работать с прежними правами через корпоративные Kerberos/SPN-механизмы. Такая интеграция обеспечивает прозрачный и контролируемый переход классических приложений в контейнерную инфраструктуру Kubernetes. Посмотрим как это работает на примере простого кроссплатформенного dotnet-приложения.

    habr.com/ru/articles/956196/

    #gMSA #credentialsfetcher #k8s #linux

  8. Использование gMSA в Linux-контейнерах

    Зачем вообще использовать gMSA в контейнерах? Group Managed Service Accounts (gMSA) решает проблему хранения и обновления сервисных паролей: пароль хранится только в AD и регулярно обновляется автоматически. Использование gMSA позволяет не менять уже настроенные ACL и роли на файловых шарах и SQL-серверах - приложения продолжают работать с прежними правами через корпоративные Kerberos/SPN-механизмы. Такая интеграция обеспечивает прозрачный и контролируемый переход классических приложений в контейнерную инфраструктуру Kubernetes. Посмотрим как это работает на примере простого кроссплатформенного dotnet-приложения.

    habr.com/ru/articles/956196/

    #gMSA #credentialsfetcher #k8s #linux

  9. Использование gMSA в Linux-контейнерах

    Зачем вообще использовать gMSA в контейнерах? Group Managed Service Accounts (gMSA) решает проблему хранения и обновления сервисных паролей: пароль хранится только в AD и регулярно обновляется автоматически. Использование gMSA позволяет не менять уже настроенные ACL и роли на файловых шарах и SQL-серверах - приложения продолжают работать с прежними правами через корпоративные Kerberos/SPN-механизмы. Такая интеграция обеспечивает прозрачный и контролируемый переход классических приложений в контейнерную инфраструктуру Kubernetes. Посмотрим как это работает на примере простого кроссплатформенного dotnet-приложения.

    habr.com/ru/articles/956196/

    #gMSA #credentialsfetcher #k8s #linux

  10. 🔐 Secure PowerShell remoting made simple. At #PSConfEU 2025, Bartek Bielawski showed how Constrained Endpoints + gMSA limit risks while keeping admins efficient. 🎟️ Early bird 2026 tickets → psconf.eu #PowerShell #Security #gMSA #Remoting

    - YouTube

  11. 🔐 Secure PowerShell remoting made simple. At #PSConfEU 2025, Bartek Bielawski showed how Constrained Endpoints + gMSA limit risks while keeping admins efficient. 🎟️ Early bird 2026 tickets → psconf.eu #PowerShell #Security #gMSA #Remoting

    - YouTube

  12. Anyone know the history of this? There are some things that are obvious. The base is the #Opel Rekord D. It’s South Africa. It must be a variant of the #Chevrolet 2500, 3800 or 4100 (the file name suggests 2500). But what is the deal with the grille? It seems Chevrolet (#GMSA) was experimenting with the Wayne Cherry droop snoot? #GM #WeirdCarMastodon #car #Auto #RSA #history

  13. Anyone know the history of this? There are some things that are obvious. The base is the #Opel Rekord D. It’s South Africa. It must be a variant of the #Chevrolet 2500, 3800 or 4100 (the file name suggests 2500). But what is the deal with the grille? It seems Chevrolet (#GMSA) was experimenting with the Wayne Cherry droop snoot? #GM #WeirdCarMastodon #car #Auto #RSA #history

  14. Anyone know the history of this? There are some things that are obvious. The base is the #Opel Rekord D. It’s South Africa. It must be a variant of the #Chevrolet 2500, 3800 or 4100 (the file name suggests 2500). But what is the deal with the grille? It seems Chevrolet (#GMSA) was experimenting with the Wayne Cherry droop snoot? #GM #WeirdCarMastodon #car #Auto #RSA #history

  15. Anyone know the history of this? There are some things that are obvious. The base is the #Opel Rekord D. It’s South Africa. It must be a variant of the #Chevrolet 2500, 3800 or 4100 (the file name suggests 2500). But what is the deal with the grille? It seems Chevrolet (#GMSA) was experimenting with the Wayne Cherry droop snoot? #GM #WeirdCarMastodon #car #Auto #RSA #history

  16. Anyone know the history of this? There are some things that are obvious. The base is the #Opel Rekord D. It’s South Africa. It must be a variant of the #Chevrolet 2500, 3800 or 4100 (the file name suggests 2500). But what is the deal with the grille? It seems Chevrolet (#GMSA) was experimenting with the Wayne Cherry droop snoot? #GM #WeirdCarMastodon #car #Auto #RSA #history

  17. New capabilities on ECS
    • Domainless gMSA authentication for Linux and Windows containers aws.amazon.com/about-aws/whats
    • ECS Fargate supports Seekable OCI (SOCI), a technology open sourced by AWS that helps applications deploy and scale out faster by enabling the containers to start without waiting for the entire container image to be downloaded. aws.amazon.com/about-aws/whats
    #AWS #ECS #Fargate #gMSA #SOCI

  18. Security is an important consideration when running production workloads on a Service Fabric cluster, and Windows security with group Managed Service Accounts (gMSA) is the recommended model. This article outlines how to configure node-to-node and client-to-node security using the gMSA model in a standalone Service Fabric Cluster running on Azure Virtual Machine Scale Sets with Windows Server 2022. techcommunity.microsoft.com/t5 #ServiceFabric #gMSA #AzureVMSS

  19. Security is an important consideration when running production workloads on a Service Fabric cluster, and Windows security with group Managed Service Accounts (gMSA) is the recommended model. This article outlines how to configure node-to-node and client-to-node security using the gMSA model in a standalone Service Fabric Cluster running on Azure Virtual Machine Scale Sets with Windows Server 2022. techcommunity.microsoft.com/t5 #ServiceFabric #gMSA #AzureVMSS

  20. Security is an important consideration when running production workloads on a Service Fabric cluster, and Windows security with group Managed Service Accounts (gMSA) is the recommended model. This article outlines how to configure node-to-node and client-to-node security using the gMSA model in a standalone Service Fabric Cluster running on Azure Virtual Machine Scale Sets with Windows Server 2022. techcommunity.microsoft.com/t5

  21. Security is an important consideration when running production workloads on a Service Fabric cluster, and Windows security with group Managed Service Accounts (gMSA) is the recommended model. This article outlines how to configure node-to-node and client-to-node security using the gMSA model in a standalone Service Fabric Cluster running on Azure Virtual Machine Scale Sets with Windows Server 2022. techcommunity.microsoft.com/t5 #ServiceFabric #gMSA #AzureVMSS

  22. Microsoft is rolling out fixes for problems with the #Kerberos network #authentication protocol on Windows Server after it was broken by a November 8 Patch: theregister.com/2022/11/21/mic | #DomainController #GMSA

  23. Microsoft is rolling out fixes for problems with the #Kerberos network #authentication protocol on Windows Server after it was broken by a November 8 Patch: theregister.com/2022/11/21/mic | #DomainController #GMSA

  24. Microsoft is rolling out fixes for problems with the #Kerberos network #authentication protocol on Windows Server after it was broken by a November 8 Patch: theregister.com/2022/11/21/mic | #DomainController #GMSA

  25. Microsoft is rolling out fixes for problems with the #Kerberos network #authentication protocol on Windows Server after it was broken by a November 8 Patch: theregister.com/2022/11/21/mic | #DomainController #GMSA

  26. Microsoft is rolling out fixes for problems with the #Kerberos network #authentication protocol on Windows Server after it was broken by a November 8 Patch: theregister.com/2022/11/21/mic | #DomainController #GMSA

  27. For those with questions on how th check the #November #Patches issue mentioned by @fabian_bader, where "services like MDI that run on the Domain Controller itself and use a #gMSA won't start anymore if msDS-SupportedEncryptionTypes is set to AES 128 and/or AES 256 only"

    You can run (at least on your DC) get-adcomputer -properties msDS-SupportedEncryptionTypes -filter * and if it returns 24 I believe you are affected. Possible also the values 16 and 8 if I'm understanding this bug right.

    Source for values: techcommunity.microsoft.com/t5

    Source for PowerShell: serverfault.com/questions/8964

  28. For those with questions on how th check the #November #Patches issue mentioned by @fabian_bader, where "services like MDI that run on the Domain Controller itself and use a #gMSA won't start anymore if msDS-SupportedEncryptionTypes is set to AES 128 and/or AES 256 only"

    You can run (at least on your DC) get-adcomputer -properties msDS-SupportedEncryptionTypes -filter * and if it returns 24 I believe you are affected. Possible also the values 16 and 8 if I'm understanding this bug right.

    Source for values: techcommunity.microsoft.com/t5

    Source for PowerShell: serverfault.com/questions/8964

  29. For those with questions on how th check the #November #Patches issue mentioned by @fabian_bader, where "services like MDI that run on the Domain Controller itself and use a #gMSA won't start anymore if msDS-SupportedEncryptionTypes is set to AES 128 and/or AES 256 only"

    You can run (at least on your DC) get-adcomputer -properties msDS-SupportedEncryptionTypes -filter * and if it returns 24 I believe you are affected. Possible also the values 16 and 8 if I'm understanding this bug right.

    Source for values: techcommunity.microsoft.com/t5

    Source for PowerShell: serverfault.com/questions/8964

  30. For those with questions on how th check the #November #Patches issue mentioned by @fabian_bader, where "services like MDI that run on the Domain Controller itself and use a #gMSA won't start anymore if msDS-SupportedEncryptionTypes is set to AES 128 and/or AES 256 only"

    You can run (at least on your DC) get-adcomputer -properties msDS-SupportedEncryptionTypes -filter * and if it returns 24 I believe you are affected. Possible also the values 16 and 8 if I'm understanding this bug right.

    Source for values: techcommunity.microsoft.com/t5

    Source for PowerShell: serverfault.com/questions/8964