Dear,
we are working in multiple domain in a forest environment. Recently we are attacked by Golden ticket Kerberos weakness. I have searched a lot but no proper mechanism is available except reset of specific account password twice. After reseting password, we assume that attacker again will get the success by doing same methodology. Please guide us for permanent solution. We are using Windows 2008 R2 Active Directory with Forest and Domain functional Level 2008.
thanks
Wajahat