Wednesday, August 9, 2017

Strong Indicator of Mental Illness Identified

I have thought this for some time, but Sebastian Gorka's pronouncement that the Minnesota mosque attack may have been "The Left" trying to make "The Right" look bad, compelled me to type... He even claims that there has been a series of these attacks by the left in the last six months. A claim that I can't substantiate with news reports and he does not back.

For those who don't know the term, because you don't read spy novels or aren't mentally ill, this is called a "False Flag Operation". This is when you blow up a day care center and blame it on your enemy.  Maybe you use their IED of choice to sell the scenario. Yes, IED of choice is something the right learns from watching too much 24. I am talking to you Justice Scalia.

There are two vital things to know about FFOs:

  • To commit such an act is beyond morally reprehensible. It makes you far worse then your enemy.
  • If you see an event and your first thought is "This may be an FFO", this is due to the availability error. It means that you are so morally reprehensible, that it is something you'd consider doing to promote your cause.  
FFOs are a common conspiracy theory of the right and... wait for it, they strongly correlate with mental illness

Please do NOT Google false flag. It will lead you to terrible places on the web. FFO is the go to explanation given by nearly every alt-right, white supremacist, "patriot" group, etc., if something bad happens in the world.

This is just my opinion, so you can't sue me. I mean, the links are legit and the science is, but I don't even play a doctor on TV.


Monday, August 7, 2017

Copying the NTAuth Enterprise store certificates from one Forest to another

The enterprise NTAuth store is a key Active Directory configuration item. It is key to allowing user to login with smartcards. When using PKI cross forest, we usually use the PKISync.ps1 script to lihnk the two forests PKI configurations. This script is designed to allow cross forest certificate enrollment, wich it does well.  It does not cover the NTAuth config for smartcards.  This seems to get missed a lot. 

Below is a two liner to copy the NTAuth in one forest to another, assuming the NTAuth object exists and just needs to be populated. 




$caLIst = (Get-ADObject -SearchBase "CN=NTAuthCertificates,CN=Public Key Services,CN=Services,CN=Configuration,DC=domain1,DC=com" -SearchScope Base -Filter * -Properties * -Server domain1.com).cACertificate


foreach($ca in $caLIst) {Set-ADObject "CN=NTAuthCertificates,CN=Public Key Services,CN=Services,CN=Configuration,DC=domain2,DC=com" -add @{cacertificate=$ca}}


Inputting falsified referrals to this site violates the terms of service of this site and is considered unauthorized access (hacking).