Re: Re: 'Read only' Admin privileges for Active Directory environment?
- From: sfmailsbm@xxxxxxxxx
- Date: 5 Jul 2006 07:12:24 -0000
1. Query Active Directory
As a 'normal' user, anyone can query AD, you can install "AD Administration tool" on your machine and launch your query
There will be some properties that you will not be able to access, but i think this would be a good place to start
You can also look for other tools available to launch queries, if domain admin rights are required, you can request your admins to launch the query (you can sit next to him to male sure he is not tampering with the reports ;)
2. Trust the admins
Its true, we must trust our admins, but can we have full trust on them?
We can never really fully trust anyone, this is why we have sections like Internal Audit & Information Security to look for malpractices
---------------------------------------------------------------------------
This list is sponsored by: SensePost
Hacking, like any art, will take years of dedicated study and
practice to master. We can't teach you to hack. But we can teach you
what we've learned so far. Our courses are honest, real, technical
and practical. SensePost willl be at Black Hat Vegas in July. To see
what we're about, visit us at:
http://www.sensepost.com/training.html
---------------------------------------------------------------------------
- Follow-Ups:
- Re: 'Read only' Admin privileges for Active Directory environment?
- From: Raoul Armfield
- Re: 'Read only' Admin privileges for Active Directory environment?
- Prev by Date: Re: Run As/Domain Login Windows XP Home
- Next by Date: Qmail + SMTP Auth - Auth being bypassed?
- Previous by thread: Re: 'Read only' Admin privileges for Active Directory environment?
- Next by thread: Re: 'Read only' Admin privileges for Active Directory environment?
- Index(es):
Relevant Pages
|
