Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Active Directory

netwrix

How to Install And Use Active Directory Administrative Center (ADUC)

Active Directory Administrative Center (ADAC) is a Microsoft tool that admins can use to manage objects in Active Directory. ADAC is available in Windows Server 2008 R2 and higher. ADAC is a graphical interface on top of Windows PowerShell. This means that every time an action is carried out through ADAC, Windows PowerShell cmdlets are executed in the background.

one identity

How to find and manage privileged accounts in Active Directory

When it comes to securing Active Directory, the first place to start is usually getting a handle on what currently exists - getting a ‘lay of the land,’ so to speak. In Active Directory, the admincount attribute can play a role in identifying privileged accounts. It’s not without its faults, however. In this blog, we will explore the admincount attribute in more detail and potential uses it may have for determining which accounts may have or had privileged access.

netwrix

RID Hijacking: How Guests Become Admins

RID hijacking is a persistence technique used by adversaries who have compromised a Windows machine. In a nutshell, attackers use the RID (relative identifier) of the local Administrator account to grant admin privileges to the Guest account (or another local account). That way, they can take actions using the Guest account, which is normally not under the same level of surveillance as the Administrator account, to expand their attack while remaining undetected.

netwrix

An Active Directory Domain Controller Could Not Be Contacted

When I try to join a new Windows workstation or server to an Active Directory (AD) domain, I sometimes encounter the following error: “An Active Directory Domain Controller (AD DC) for the domain ‘domainname’ could not be contacted.” This error can occur due to any of several reasons, from a simple incorrect DNS server IP address to a much more complex issue.

manageengine

Discover how attackers exploit DNS vulnerabilities in Active Directory

A DNS server is an integral part of an AD environment. Simple yet crucial activities are accomplished using DNS servers, such as authenticating, searching for computers, and identifying domain controllers. But attackers know there are a lot of loopholes in DNS that they can exploit. And, they often already know about these vulnerabilities. In this blog, you will learn how attackers can abuse.

netwrix

"Get ADUser Not Recognized" Error in PowerShell

The Get-ADUser PowerShell cmdlet is very helpful for Active Directory user management. But what if you try to use Get-ADUser and get the error below? The term ‘Get-ADUser’ is not recognized as the name of a cmdlet, function, script file or operable program. This error simply means that the Active Directory module for PowerShell is not available on your machine.

netwrix

Get-ADGroupMember Cmdlet: Find Active Directory Group Members

Using Active Directory security groups is a best practice for quickly and accurately assigning permissions to users, computers, and groups. But how can you get a list of all the members of a security group? While you could use the PowerShell cmdlet Get-ADGroup, group members will be identified by their distinguished names, making the results difficult to read. A better option is to use the Get-ADGroupMember cmdlet. This article provides the syntax of this cmdlet and lots of useful examples.