Directory Insights in 10 Minutes – Episode 1
Welcome to the very first episode of Directory Insights in 10 Minutes, brought to you by Guardians of the Directory.
This series cuts through the noise — no fluff, no filler — just real-world, actionable insights for securing Active Directory and Entra ID.
In this kickoff episode, Craig Birch reveals the #1 most overlooked AD misconfiguration — one that ships insecure by default, is present in nearly every environment, and continues to provide attackers with a clear path to domain dominance.
🔍 What You’ll Learn:
• Why the built-in Administrator account (RID 500) is vulnerable out of the box
• How attackers abuse Kerberos delegation to impersonate high-privilege accounts
• Why Microsoft’s guidance is buried in 2,000+ pages of documentation
• The one checkbox that shuts down this attack path instantly
• Why putting accounts in the Protected Users group isn’t enough
🛠️ Quick Fix:1️⃣ Open the RID 500 account properties
2️⃣ Under the Account tab, check:
✅ “Account is sensitive and cannot be delegated”
3️⃣ Apply this setting to all privileged accounts
4️⃣ Include this check in your AD hardening baseline✅ Quick Takeaways:
The built-in Administrator account is a default privilege escalation path
Kerberos delegation + RID 500 = full impersonation
A single setting can eliminate this risk — but most admins miss it
Make this part of your secure provisioning process for every admin account
💬 Join the Conversation:
Have you seen this in your AD environment? Drop us a comment. Let’s talk about closing one of the oldest open doors in AD.
📌 Powered by Guardians of the Directory
Popular Podcasts
Las Culturistas with Matt Rogers and Bowen Yang
Ding dong! Join your culture consultants, Matt Rogers and Bowen Yang, on an unforgettable journey into the beating heart of CULTURE. Alongside sizzling special guests, they GET INTO the hottest pop-culture moments of the day and the formative cultural experiences that turned them into Culturistas. Produced by the Big Money Players Network and iHeartRadio.
On Purpose with Jay Shetty
I’m Jay Shetty host of On Purpose the worlds #1 Mental Health podcast and I’m so grateful you found us. I started this podcast 5 years ago to invite you into conversations and workshops that are designed to help make you happier, healthier and more healed. I believe that when you (yes you) feel seen, heard and understood you’re able to deal with relationship struggles, work challenges and life’s ups and downs with more ease and grace. I interview experts, celebrities, thought leaders and athletes so that we can grow our mindset, build better habits and uncover a side of them we’ve never seen before. New episodes every Monday and Friday. Your support means the world to me and I don’t take it for granted — click the follow button and leave a review to help us spread the love with On Purpose. I can’t wait for you to listen to your first or 500th episode!
Crime Junkie
Does hearing about a true crime case always leave you scouring the internet for the truth behind the story? Dive into your next mystery with Crime Junkie. Every Monday, join your host Ashley Flowers as she unravels all the details of infamous and underreported true crime cases with her best friend Brit Prawat. From cold cases to missing persons and heroes in our community who seek justice, Crime Junkie is your destination for theories and stories you won’t hear anywhere else. Whether you're a seasoned true crime enthusiast or new to the genre, you'll find yourself on the edge of your seat awaiting a new episode every Monday. If you can never get enough true crime... Congratulations, you’ve found your people. Follow to join a community of Crime Junkies! Crime Junkie is presented by audiochuck Media Company.