Guardians of the Directory

Admin Accounts with SPNs — Hidden Risk Behind Kerberoasting



🔍 Admin Accounts with SPNs — Hidden Risk Behind Kerberoasting | Directory Insights in 10 Minutes

In this episode, Craig Birch breaks down a major Active Directory security blind spot: Kerberoasting via privileged accounts with SPNs (Service Principal Names). You'll learn how attackers exploit these accounts — and how to find, assess, and fix the risk without breaking your apps. Straightforward, no fluff — just practical identity security guidance.

🛠️ What You'll Learn

🔐 What SPNs are — and why they matter
⚠️ How attackers use them in Kerberoasting attacks
🖥️ Why ADUC isn't enough for visibility
💻 PowerShell + LDAP filters for fast discovery
🧠 SDProp and how it flags privileged accounts
🤝 Why app owner collaboration is critical
🔁 Safer alternatives: gMSAs, strong passwords, and role reviews
❌ Why auto-remediation can break things

💡 PowerShell Spotlight

Get-ADUser -LDAPFilter "(&(admincount=1)(servicePrincipalName=*))" -Properties servicePrincipalName | Select-Object Name, servicePrincipalName

Use this to find privileged accounts with SPNs — the ones most at risk of Kerberoasting.

✅ Quick Takeaways

Script it — don't rely on ADUC
Never auto-remove SPNs without impact analysis
Talk to app owners before changes
Harden service accounts or switch to gMSAs
Monitor SDProp-marked accounts to shrink attack surface

💬 Found this helpful? Like, share, or comment! Got a topic you want us to cover in 10 minutes or less? Drop it below — we're listening.
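A read-only assessment script that builds on the episode's filter, added here as an example (it is not the episode's or the podcast's own material): it lists SDProp-marked accounts carrying SPNs and, for each, reports password age, whether RC4 is still allowed, and direct group membership, so the findings can be discussed with app owners before anything is changed. It assumes the RSAT ActiveDirectory module on a domain-joined host; the 365-day password-age threshold is an assumed value.

```powershell
# Added example, not from the episode. Read-only: inventories privileged (adminCount=1)
# accounts with SPNs and scores their Kerberoasting exposure; it changes nothing in AD.
# Assumes the RSAT ActiveDirectory module and a domain-joined session.
Import-Module ActiveDirectory

# Password age above this many days is flagged; assumed threshold, tune to your policy.
$MaxPasswordAgeDays = 365

# msDS-SupportedEncryptionTypes bits: 0x8 = AES128, 0x10 = AES256. Anything else set
# (or the attribute unset, which defaults to RC4) means RC4 tickets can be requested.
$AesMask = 0x18

$filter = "(&(admincount=1)(servicePrincipalName=*))"
$props  = 'servicePrincipalName','PasswordLastSet','msDS-SupportedEncryptionTypes','Enabled','MemberOf'

$report = Get-ADUser -LDAPFilter $filter -Properties $props | ForEach-Object {
    $encTypes = [int]($_.'msDS-SupportedEncryptionTypes')   # $null casts to 0
    $aesOnly  = ($encTypes -ne 0) -and (($encTypes -band $AesMask) -eq $encTypes)
    $pwdAge   = if ($_.PasswordLastSet) {
        (New-TimeSpan -Start $_.PasswordLastSet -End (Get-Date)).Days
    } else { $null }

    $findings = @()
    if (-not $aesOnly)                       { $findings += 'RC4 allowed' }
    if ($null -eq $pwdAge)                   { $findings += 'password never set' }
    elseif ($pwdAge -gt $MaxPasswordAgeDays) { $findings += "password age $pwdAge d" }

    [pscustomobject]@{
        Name       = $_.SamAccountName
        Enabled    = $_.Enabled
        SPNCount   = @($_.servicePrincipalName).Count
        # First RDN of each group DN, e.g. "CN=Domain Admins,CN=Users,DC=..." -> "Domain Admins"
        Groups     = (@($_.MemberOf) | ForEach-Object { ($_ -split ',')[0] -replace '^CN=' }) -join ';'
        PwdAgeDays = $pwdAge
        AESOnly    = $aesOnly
        Findings   = $findings -join '; '
    }
}

# Worst password age first; CSV goes to the app-owner conversation, not to a remediation job.
$report | Sort-Object -Property PwdAgeDays -Descending | Format-Table -AutoSize
$report | Export-Csv -Path .\privileged-spn-accounts.csv -NoTypeInformation
```

adminCount stays at 1 after an account leaves a protected group, so an empty Groups column with adminCount=1 usually means a stale flag rather than a false filter hit; MemberOf also shows only direct membership, so nested rights need a separate check.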


Guardians of the Directory, by Guardian of the Directory