Against which AC do you check on the strikes of the Tiger Claw discipline?

As the title says. If, let’s say, I catch my opponent flat-footed and use Claw at the Moon, do I check against flat-footed AC or complete AC?

Claw at the Moon:

As part of this maneuver, you attempt a Jump check to leap into the air and make a melee attack that targets your foe’s upper body, face, and neck. The Jump check’s DC is equal to your target’s AC. If this check succeeds your attack deals +2d6 damage. if this attack threatens a critical hit, you gain a +4 bonus on your roll to confirm it. If your check fails, you can still attack but deal no extra damage or gain a bonus to confirm a critical hit. The maneuver is still considered expended.

Deflect Missiles against unusual projectiles?

There are a number of monsters that make ranged weapon attacks with unusual qualities. For example the Spined Devil has a ranged attack that does 1d4 piercing and 1d6 fire damage, the Drider’s longbow does an extra 1d8 poison damage, and the Sprite’s shortbow has no damage die but can poison an enemy or knock them unconscious.

When using the monk’s Deflect Missiles feature to make a ranged attack using a caught projectile are additional damage types and effects included with the attack?

Deflect Missiles

You can use your reaction to deflect or catch the missile when you are hit by a ranged weapon attack. When you do so, the damage you take from the attack is reduced by 1d10 + your Dexterity modifier + your monk level.
If you reduce the damage to 0, you can catch the missile if it is small enough for you to hold in one hand and you have at least one hand free. If you catch a missile in this way, you can spend 1 ki point to make a ranged attack with the weapon or piece of ammunition you just caught, as part of the same reaction. You make this attack with proficiency, regardless of your weapon proficiencies, and the missile counts as a monk weapon for the attack, which has a normal range of 20 feet and a long range of 60 feet.

Tunnel defense effective against Specters? [closed]

This is a fun one…DND 5E session.

Assume a 5′ corridor that if 25′ long leading to a dead-end (5 squares), and 5 party members (all medium size) fill each of those squares. A well armored tank as at the front, trying to defend the party. This is the scenario a party has encountered a bunch of times fighting various creatures. But never against incorporeal creatures.

The party is trying to hold off 7 specters being controlled by a Wraith.

Since the Specters are incorporeal and can pass through one another, as well as the players, as difficult terrain, are they limited to attacking the front-line only? I would rule yes, in theory, because you can’t attack from an occupied space:

What happens when allies occupy the same space?

That rule is a fundamental aspect of the tunnel defense / choke-point strategy, and in theory even works for these non-corporeal creatures, preventing them from being able to infiltrate the middle of the party, as there is no unoccupied space for them to attack from. The PC’s literally fill every available 5′ square. Pretty simple and clear cut I think.

But then, there’s the fact that the Specters can pass through walls…and that’s where they fun begins. They have 50′ of movement, so even through walls they can move 25′, attack blindly through the wall, and then return 25′ back. Muahhahaha. They could easily reach PC #2 and PC #3, although the two way in the far back would be safe (unless the Specter was willing to end it’s round in the wall and take the 1d10 Force damage).

Seem legit? I ruled that they would NOT take the 1d10 Force Damage for stopping to attack from inside the wall, because they did not "end their turn" on that space. That’s straight from the rules on Incorporeal Movement in their stat block. Do others agree? A few players weren’t happy lol.

However, things quickly got so crazy complicated from here, I quickly whiched that I had ruled they simply couldn’t do it. 😉

If allowed to attack, would they attack at Disadvantage since the specter can’t "see" through the wall? I ruled yes. However, since the PC can’t see the attacker (it’s in a wall!), the attack should be at Advantage, thus cancelling each other out!

But what if the PC saw the hand coming? You could offer a Perception vs. Stealth to see if the PC see’s the "hand reaching out", and if they did, then Disadvantage would be re-asserted, right? And if so, what if that PC is also Dodging and sees the hand come out? Should the attack then be at super-disadvantage (which we don’t have as a house rule and I avoid like the plague, although this one tempted me big-time).

The way I ruled it is those who were Dodging gained Advantage on their Perception check to see the hand coming. If successful, then the attack happened at Disadvantage. Therefore, there was a benefit to foregoing an attack to Dodge. However, even those who used their Action to attack still had a chance to see the hand coming if they made their Perception check, and if they did, the Specter attacked at Disadvantage. If they didn’t see it coming, the Specter attacked normally as it’s Advantage (attacking a creature who can’t see you) and Disadvantage (blindly attacking a creature you can’t see) cancelled each other out.

I’m really curious to see how others would have handled this. The party was quite shocked when their tried and true tunnel defense imploded upon them.

Also, this didn’t come up, but what if a PC in the back cast Daylight? I would have ruled that the Specters in the walls would not have suffered Disadvantage on attack from it, because they couldn’t see the light (it wouldn’t penetrate the walls). Only the specters attacking from up front would have been at disadvantage. This would have in turn driven them all to enter and start attacking through the walls (INT 10 after all)! Major backfire potential there!

Does a sprite familiar’s equipment count against its carrying capacity?

Under Lifting and Carrying (PHB 176) it says:

Your carrying capacity is your Strength score multiplied by 15. This is the weight (in pounds) that you can carry… You can push, drag, or lift a weight in pounds up to twice your carrying capacity (or 30 times your Strength score).

and also specifies that a tiny creature can carry half as much

A sprite familiar summoned through a warlock’s Pact of Chain feature has a strength score of 3 and so has a carrying capacity of 22.5 pounds and a push, drag, lift limit of 45 pounds. The sprite stat block also specifies, however, that they wear leather armor and carry a longsword and shortbow.

Supposedly these weigh 10 pounds, 3 pounds and 2 pounds respectively but considering they are smaller than those worn by a medium humanoid it is unlikely that they weigh as much.

Is there any official guidance as to how much the sprite familiar’s equipment counts against its carrying capacity?

Would a Periapt of Proof Against Poison nullify the effects of alcohol?

The description of the Periapt of Proof Against Poison (PoPAP) says that “poisons have no effect on you. You are immune to the poisoned condition and have immunity to poison damage.”

So I’m wondering if a character could get drunk while wearing a PoPAP? There’s no “drunk” status condition in D&D 5e, but drunkenness is caused because you’ve consumed enough alcohol to poison yourself, however slightly. Also, does the wearer of the PoPAP know they’ve been poisoned? Like for instance, if someone put spider venom in their food, would they know the food was poisoned when they ate it?

Does the Observant feat allow you to auto-succeed against illusions?

The Observant feat states:

You have a +5 bonus to your passive Wisdom (Perception) and passive Intelligence (Investigation) scores.

To my knowledge, nowhere else in the rules is there discussion regarding a passive Intelligence (Investigation) score.

Furthermore, when added to a character in D&D Beyond, the Passive Intelligence (Investigation) is added under the character’s Senses akin to Darkvision or Blind Sight.

Several illusion spells include language along the lines of:

Can use its action to (do something to see through the illusion) and must succeed on an Intelligence (Investigation) check against your spell save DC.

Does the creation of a Passive Intelligence (Investigation) by the feat constitute a scenario of specific beats general rule whereby any illusion that can be defeated by an investigation check automatically fails if the save DC is lower than the passive score created by the feat?

Are there any known attacks (technical or social) against enterprises where password resets are scheduled on fixed (known) intervals?

A company I know of has a password policy that requires employees to change passwords (on AD server) every 90 days. The vast majority of its new hires start on the 1st of the month. Thus, several hundred password resets happen on a predictable schedule. My intuition tells me that this is tactically valuable information to an attacker (I am an infosec noob).

An attacker could enhance the standard "reply to this with your password" phish with a "reply to this with your password because it is time to change your password" phish. The latter seems less suspicious because the person who wrote the message knows about the password reset policy.

Are there any other attacks enhanced or made possible by a predictable password reset schedule?

I realize that (by the pigeonhole principle) every sufficiently large enterprise with a forced password change policy will have a lot of same-day password changes.

On-premesis SQL Server setup for MFA against Azure AD

I am trying to set up multi-factor authentication in SSMS using an on-premesis SQL Server (Standard Edition). I believe the SSMS is simple enough. Under the "Login" tab, I have chosen "Active Directory – Universal with MFA support" and have my user name (like "john.doe@example.com").

Login tab

Under "Connection Properties," I put in a specific database and my Azure AD tenant ID (guid):

Connection Properties tab

When I try to log in, I get a popup from Microsoft, which I assume is the SSO login:

SSO Login

However, when I put in my password, I get error 18456, State 1:

Error 18456

I assume this is because I need to add the user on the server side. However, I have not been able to find how to do that for an on-premesis SQL Server (there are plenty of guides for Azure SQL). I am using Standard Edition 2017. What do I need to do to complete the setup?