Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Geomix7
Collaborator

Identity awareness communication

Does Identity awareness use communication over TLS1.0/1.1/1.2 using AES-128/256 algorithms against the Domain Controllers?

0 Kudos
1 Reply
G_W_Albrecht
Legend Legend
Legend

The communication is a WMI query (over DCE-RPC), registering to receive all relevant Security Event logs from the Domain Controller. (For Windows 2003 Domain Controllers, events 672,673 and 674 are fetched, while for Windows 2008 Domain Controllers events 4624, 4768, 4769 and 4770 are fetched.)

See sk60301 - Identity Awareness AD Query - and of course sk86441: ATRG: IdentityAwareness...

CCSP - CCSE / CCTE / CTPS / CCME / CCSM Elite / SMB Specialist
0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events