20:00:00 <nitzmahone> #startmeeting Ansible Windows Working Group 20:00:00 <zodbot> Meeting started Tue Dec 21 20:00:00 2021 UTC. 20:00:00 <zodbot> This meeting is logged and archived in a public location. 20:00:00 <zodbot> The chair is nitzmahone. Information about MeetBot at https://fedoraproject.org/wiki/Zodbot#Meeting_Functions. 20:00:00 <zodbot> Useful Commands: #action #agreed #halp #info #idea #link #topic. 20:00:00 <zodbot> The meeting name has been set to 'ansible_windows_working_group' 20:00:07 <nitzmahone> booya 20:00:11 <nitzmahone> #chair jborean93 20:00:11 <zodbot> Current chairs: jborean93 nitzmahone 20:00:12 <briantist> hello 20:00:17 <nitzmahone> howdy 20:00:40 <nitzmahone> #info agenda https://github.com/ansible/community/issues/581 20:00:45 <nitzmahone> Nothing new there, so 20:00:49 <nitzmahone> #topic open floor 20:01:03 <nitzmahone> #info no meeting next week for holidays... 20:01:09 <jborean93> yo 20:01:15 <nitzmahone> hey there 20:01:15 <briantist> I got nothing in particular, but we should create a new agenda for 2022 and do the linking and such 20:01:35 <nitzmahone> Oh yeah, good idea- I'll do that 20:01:49 <nitzmahone> #agreed nitzmahone to create 2022 agenda 20:02:30 <nitzmahone> Sounds like it's a good time to patch those AD services... 🙄 20:02:55 <jborean93> too busy with log4j 20:03:17 <briantist> is there a vuln in AD? 20:03:45 <jborean93> yea Kerberos relay attack 20:03:55 <briantist> ugh, got a link by any chance? 20:03:56 <nitzmahone> Yeah, I just heard about it today, but it's basically any unprivileged domain user can spoof a DC and create a new Domain Admin account 20:03:59 <briantist> I haven't seen this yet 20:04:08 <jborean93> IIRC it uses the join host to domain functionality to get the DA token 20:04:09 <briantist> ffffffffffffffffff 20:05:26 <jborean93> someone from google project zero had a basic idea around how they thought it was susceptible to relay attacks and someone ran with it 20:05:27 <nitzmahone> Looks like they might already be patched by November's patch Tuesday, but they just issued a "no srsly, do it now" because they figured out how to use them together to hijack a domain 20:05:39 <nitzmahone> https://techcommunity.microsoft.com/t5/security-compliance-and-identity/sam-name-impersonation/ba-p/3042699 20:07:37 <briantist> oof, thanks for the heads-up 20:08:25 <nitzmahone> There's also a nice guide on how to tell if someone's done it to you from Event Logs and stuff 20:09:36 <nitzmahone> Nothing burning here either, so if no topics, we'll close in 2min. Happy New Year! 20:10:17 <briantist> 🥳 20:10:50 <jborean93> only thing to mention is 1.9.0 is live for both collections, that will most likely be it for the year 20:10:59 <briantist> cool cool 20:11:00 <jborean93> unless there's some critical bug that appears in the next day or so 20:12:45 <nitzmahone> OK, 2022 agenda is up- until the new year... Thanks all, and hopefully some relaxing time off coming everyone's way soon! 20:12:54 <briantist> link? 20:13:12 <nitzmahone> https://github.com/ansible/community/issues/644 20:13:27 <briantist> subscribed, thank you! 20:13:31 <briantist> happy new year 20:13:43 <nitzmahone> cya soon! 20:13:45 <nitzmahone> #endmeeting