ACL
Finding Highly Privileged Accounts in ACL's - Part 2 - GROUP POLICY
In the previous post Part 1 I introduced a way to detect a malicious actor account in the access control list of the domain root.
In the previous post Part 1 I introduced a way to detect a malicious actor account in the access control list of the domain root.
When trying to identify the highly privileged accounts in an Active Directory you might start with the members of the built-in administrative groups like Domain Admin etc.
This is a repost of my previous post at: https://docs.microsoft.com/en-us/archive/blogs/pfesweplat/do-you-allow-blank-passwords-in-your-domain. My blog posts at Microsoft was temporarly deleted so just in case I re-post this one here.