CRESTCon presentation looking at the Windows Domain Authentication model.
Windows Domains use a single sign on system, authenticate to one machine, you can then use that machine to access all of your available resources accross that domain. This is great for users but also for attackers. This presentation covers a number fo techniques and tools that be used to take control of a windows domain without ever needing to run time consuming password cracking.