RE: Active Directory Pentest

http://www.windowsnetworking.com/kbase/WindowsTips/Windows2000/AdminTips/Act
iveDirectory/ActiveDirectorydatabasefileNTDS.DIT.html

it's a file called %SystemRoot%\ntds\NTDS.DIT.

-----Original Message-----
From: listbounce@xxxxxxxxxxxxxxxxx [mailto:listbounce@xxxxxxxxxxxxxxxxx] On
Behalf Of s-williams@xxxxxxxxxx
Sent: Wednesday, May 30, 2007 5:45 PM
To: Ricardo Mourato; listbounce@xxxxxxxxxxxxxxxxx;
pen-test@xxxxxxxxxxxxxxxxx
Subject: Re: Active Directory Pentest

Just to clarify you want to know where the users directory (as in OU) or the
username and password storage location?

If so you need to look for the sam file sometime this is backup in a storage
drive before it is transferred to tape. Or just use an app like lcp if you
have some can of access right?
"A wise man ask questions, a fool is afraid of knowledge"

-----Original Message-----
From: Ricardo Mourato <ricardomcm@xxxxxxxxx>
Date: Wed, 30 May 2007 10:06:34
To:pen-test@xxxxxxxxxxxxxxxxx
Subject: Active Directory Pentest

hi folks, in a costumer network where i'm doing a pentest, i found an
Active Directory Server, this one also runs SQL server 2000 SP1, i've
found that SQL server doenst have a password on the SA account, so it
was easy to get in with NT/SYSTEM, but my question is, where is the AD
users directory located?
tnks in advice

------------------------------------------------------------------------
This List Sponsored by: Cenzic

Are you using SPI, Watchfire or WhiteHat?
Consider getting clear vision with Cenzic
See HOW Now with our 20/20 program!

http://www.cenzic.com/c/2020
------------------------------------------------------------------------


------------------------------------------------------------------------
This List Sponsored by: Cenzic

Are you using SPI, Watchfire or WhiteHat?
Consider getting clear vision with Cenzic
See HOW Now with our 20/20 program!

http://www.cenzic.com/c/2020
------------------------------------------------------------------------

Relevant Pages

  • Re: T-Sql & Active Directory Roles, Identification of original login of impersonated IDs an
    ... We want to be able to control access to data within a table based on a ... role within Active directory. ... All the sites are held in a single database table. ... can grant permissions in SQL Server to Windows groups. ...
    (comp.databases.ms-sqlserver)
  • Re: sql2005/linked server+imperonate
    ... When you go from the first SQL Server to the second SQL ... Active Directory attempts to use Kerberos as the authentication method first. ... so through delegation, but you have to do some setup. ...
    (microsoft.public.de.sqlserver)
  • Re: Querying Windows Active Directory from Sql Server 2000
    ... is added to the active directory and i've rights in active directory to ... account in SQL Server to run the query. ... have permission to read the ActiveDirectory tree. ... OLE DB provider 'ADSDSOObject' reported an error. ...
    (comp.databases.ms-sqlserver)
  • Re: SMS Component errors after installing SP2
    ... MVP Windows Server System - SMS ... MP encountered an error when connecting to SQL Server. ... If using a standard SQL security account, ... is used to publish fully qualified host names in Active Directory. ...
    (microsoft.public.sms.setup)
  • Re: Email unkown when trying to add user in AD mode
    ... The problem is that I can't add them as a user in Active Directory mode. ... Wayne Snyder, MCDBA, SQL Server MVP ... > SharePoint Services). ... >> community of SQL Server professionals. ...
    (microsoft.public.sharepoint.windowsservices)