20:00:00 <nitzmahone> #startmeeting Ansible Windows Working Group
20:00:00 <zodbot> Meeting started Tue Dec 21 20:00:00 2021 UTC.
20:00:00 <zodbot> This meeting is logged and archived in a public location.
20:00:00 <zodbot> The chair is nitzmahone. Information about MeetBot at https://fedoraproject.org/wiki/Zodbot#Meeting_Functions.
20:00:00 <zodbot> Useful Commands: #action #agreed #halp #info #idea #link #topic.
20:00:00 <zodbot> The meeting name has been set to 'ansible_windows_working_group'
20:00:07 <nitzmahone> booya
20:00:11 <nitzmahone> #chair jborean93
20:00:11 <zodbot> Current chairs: jborean93 nitzmahone
20:00:12 <briantist> hello
20:00:17 <nitzmahone> howdy
20:00:40 <nitzmahone> #info agenda https://github.com/ansible/community/issues/581
20:00:45 <nitzmahone> Nothing new there, so
20:00:49 <nitzmahone> #topic open floor
20:01:03 <nitzmahone> #info no meeting next week for holidays...
20:01:09 <jborean93> yo
20:01:15 <nitzmahone> hey there
20:01:15 <briantist> I got nothing in particular, but we should create a new agenda for 2022 and do the linking and such
20:01:35 <nitzmahone> Oh yeah, good idea- I'll do that
20:01:49 <nitzmahone> #agreed nitzmahone to create 2022 agenda
20:02:30 <nitzmahone> Sounds like it's a good time to patch those AD services... 🙄
20:02:55 <jborean93> too busy with log4j
20:03:17 <briantist> is there a vuln in AD?
20:03:45 <jborean93> yea Kerberos relay attack
20:03:55 <briantist> ugh, got a link by any chance?
20:03:56 <nitzmahone> Yeah, I just heard about it today, but it's basically any unprivileged domain user can spoof a DC and create a new Domain Admin account
20:03:59 <briantist> I haven't seen this yet
20:04:08 <jborean93> IIRC it uses the join host to domain functionality to get the DA token
20:04:09 <briantist> ffffffffffffffffff
20:05:26 <jborean93> someone from google project zero had a basic idea around how they thought it was susceptible to relay attacks and someone ran with it
20:05:27 <nitzmahone> Looks like they might already be patched by November's patch Tuesday, but they just issued a "no srsly, do it now" because they figured out how to use them together to hijack a domain
20:05:39 <nitzmahone> https://techcommunity.microsoft.com/t5/security-compliance-and-identity/sam-name-impersonation/ba-p/3042699
20:07:37 <briantist> oof, thanks for the heads-up
20:08:25 <nitzmahone> There's also a nice guide on how to tell if someone's done it to you from Event Logs and stuff
20:09:36 <nitzmahone> Nothing burning here either, so if no topics, we'll close in 2min. Happy New Year!
20:10:17 <briantist> 🥳
20:10:50 <jborean93> only thing to mention is 1.9.0 is live for both collections, that will most likely be it for the year
20:10:59 <briantist> cool cool
20:11:00 <jborean93> unless there's some critical bug that appears in the next day or so
20:12:45 <nitzmahone> OK, 2022 agenda is up- until the new year... Thanks all, and hopefully some relaxing time off coming everyone's way soon!
20:12:54 <briantist> link?
20:13:12 <nitzmahone> https://github.com/ansible/community/issues/644
20:13:27 <briantist> subscribed, thank you!
20:13:31 <briantist> happy new year
20:13:43 <nitzmahone> cya soon!
20:13:45 <nitzmahone> #endmeeting