I’ve published this blog post on my employeer’s blog. This entry is used just to align and keep track of the chronicle.

Read the blog post here:

https://www.securesystems.de/blog/active-directory-spotlight-attacking-the-microsoft-configuration-manager/