Category: Active Directory

Active Directory, Microsoft Windows Server 2003, Microsoft Windows Server 2008, Microsoft Windows Server 2012

Active Directory Security Hardening: Domain Admin Honeypot

Rename the account It’s a good idea to name the account like any other user account. That means giving it a real name, like Johnny Cash, with a username that matches your naming convention, say “jcash.” Remove description Next, you want to remove the default description for the built-in Administrator, which is “Built-in account for …

Active Directory, Microsoft Windows Server 2012

Add Active Directory Multiple Users in a Group

Add multiple User’s to a Group – PowerShell Script Import-module ActiveDirectory Import-CSV "C:\Scripts\GroupUsers.csv" | % { Add-ADGroupMember -Identity TestGroup1 -Member $_.UserName }Import-module ActiveDirectory Import-CSV "C:\Scripts\GroupUsers.csv" | % { Add-ADGroupMember -Identity TestGroup1 -Member $_.UserName } Don’t forget to create a GroupUsers.csv file with users login names.

Active Directory, General, Microsoft Windows Server 2012

Create Active Directory Users using csv file

This script allows to create Active Directory users using a CSV file and set specific password, email address, and add users to one group for each user. import-module activedirectory Import-Csv “C:\Users\admin\Desktop\file.csv” | ForEach-Object { $userPrincinpal = $_.”samAccountName” + “@company.Local” New-ADUser ` -Name $_.”user” ` -Givenname $_.”name” ` -Surname $_.”surname” ` -SamAccountName $_.”samaccountname” ` -Path $_.”path” …

Active Directory

Active Directory enumeration from non-domain system

ADEnumerator allows red teamers to query LDAP with a standard user account from a system not joined to a domain. It’s common that during a red team assessment you will harvest credentials from printers, files, etc. But sometimes you don’t know what these credentials do. Instead of throwing the one set of credentials you got …