Security Basics mailing list archives
Re: Re: 'Read only' Admin privileges for Active Directory environment?
From: sfmailsbm () gmail com
Date: 5 Jul 2006 07:12:24 -0000
1. Query Active Directory As a 'normal' user, anyone can query AD, you can install "AD Administration tool" on your machine and launch your query There will be some properties that you will not be able to access, but i think this would be a good place to start You can also look for other tools available to launch queries, if domain admin rights are required, you can request your admins to launch the query (you can sit next to him to male sure he is not tampering with the reports ;) 2. Trust the admins Its true, we must trust our admins, but can we have full trust on them? We can never really fully trust anyone, this is why we have sections like Internal Audit & Information Security to look for malpractices --------------------------------------------------------------------------- This list is sponsored by: SensePost Hacking, like any art, will take years of dedicated study and practice to master. We can't teach you to hack. But we can teach you what we've learned so far. Our courses are honest, real, technical and practical. SensePost willl be at Black Hat Vegas in July. To see what we're about, visit us at: http://www.sensepost.com/training.html ---------------------------------------------------------------------------
Current thread:
- Re: 'Read only' Admin privileges for Active Directory environment? Raoul Armfield (Jul 04)
- <Possible follow-ups>
- Re: 'Read only' Admin privileges for Active Directory environment? Saqib Ali (Jul 04)
- Re: Re: 'Read only' Admin privileges for Active Directory environment? sfmailsbm (Jul 05)
- Re: 'Read only' Admin privileges for Active Directory environment? Raoul Armfield (Jul 06)