Please enable JavaScript.
Coggle requires JavaScript to display documents.
AD Domain Service (AD DS): service to update and manage OS, applications,…
AD Domain Service (AD DS)
: service to update and manage OS, applications, users and data access.
Organizational Units
Stores information of all objects
Enforce rules on all objects
Objects
Servers and workstations are domain-joined
Machine accounts are local admin on the assigned computers. Machines have accounts with the same name followed by a $ sign.
Each object has attributes
Internet-facing machines are not usually domain-joined
Users
Groups
OUs can delegate permissions to users
Security groups: Restrict access to files and other resources. Default groups exits.
Critical dependency on a DNS server
Enumeration
Exploit/ Client side attack on domain workstation/server
Escalate Privilege
Add attacker to high-value groups
Authentication
Kerberos
NetNTLM