IT Security Stack Exchange
IT Security Stack Exchange

Questions tagged [domain-admin]

26 questions
17
votes
8 answers

Monitoring Active Directory Domain Administrator Activities

I need to monitor Active Directory domain administrator activities and look for the following: Looking for anomalies in daily activity Getting alerted upon a violation My problem is that turning on Windows Auditing in my environment (over 100…
Fahmy Aziz
  • 171
  • 1
  • 1
  • 4
9
votes
1 answer

Will enforcing this restriction on Domain Admins "break the network"?

Let's say we secure all servers in the domain.. Domain controllers allow RDP access only from jump servers Domain admins can't connect to non-dc servers And so forth This is all swell and should be considered a safe configuration to prevent the…
Franko
  • 1,530
  • 5
  • 18
  • 30
6
votes
3 answers

Does domain privacy make a domain less secure?

Does buying domain privacy make the domain more secure against hijacking? Would it make the domain less secure against losing it, if the registar gets bankrupt? I am afraid that the domain could be seized to pay the debt of the registrar, if buying…
Quora Feans
  • 1,861
  • 1
  • 12
  • 20
6
votes
2 answers

Securing a process from local users

We require a method to run a process on a users machine whereby a local user cannot kill this process (from task manager or otherwise). Is there a way to make this application a system process or make it un-killable. I have gone through all the…
Sachin Aggarwal
  • 161
  • 3
5
votes
4 answers

Are non-personal AD users a security risk?

After an IT audit of my company, the report said that our Active Directory contained too many non-personal user accounts. This caused a risk of misuse and unauthorized user access. I checked my company's Active Directory today and noticed a lot of…
Francis
  • 51
  • 1
  • 3
5
votes
1 answer

Creating a domain admin account from NT\System access

So I've popped a shell on a primary domain controller (PDC) which has NT\SYSTEM permissions on the box. I've created a local admin user account using the following commands: net user myname myc0mpl3x password /add net localgroup adminstrators…
NULLZ
  • 11,426
  • 17
  • 77
  • 111
5
votes
2 answers

Is there a more secure way for users to log into the domain other than just passwords?

Say you have this: An NPS server that grants access to users using client certificates (EAP-TLS). So for example someone managed to snatch the domain administrator's password and they log in to the computer using the domain administrator's username…
Newlo Newly
  • 145
  • 1
  • 1
  • 6
5
votes
1 answer

How does a Registrar/Domain Lock increase security?

I have all of my domains locked, so that they cannot be transferred without first unlocking. However, I can't think of any scenario where this lock increases security. In order to transfer, one must obtain an authorization code. To do this, you have…
Stephen Schrauger
  • 938
  • 6
  • 11
3
votes
1 answer

Use local admin or domain admin to raise privileges on a machine for administrative purposes?

By now I would hope that, unless there were extenuating circumstances, all users (including administrative users) use a low-level account for their daily activities and raise their permissions to perform administrative tasks. Obviously domain-based…
DKNUCKLES
  • 9,237
  • 2
  • 37
  • 47
2
votes
1 answer

Security Administrator Windows Roles

I find that security administrators often need to perform vulnerability checks on systems and these tasks need at least domain or local administrative rights. Does the security administrator need full domain admin rights or maybe just a power user?…
Pang Ser Lark
  • 1,929
  • 2
  • 16
  • 26
2
votes
2 answers

Can I force unique passwords for domain admin accounts?

Best practices would dictate that domain admins should not be logged into as such for daily tasks. Ideally the user would have two accounts; Their "daily" account and their domain admin account. How can one assure (through a technical control) that…
k1DBLITZ
  • 3,933
  • 14
  • 20
2
votes
1 answer

Display link to admin section or not?

I have a question and answers site. I have an admin section. From that section I can delete users, threads, responses, and edit various other things. I have some simple code at the start of the admin page: if(($session->protected_page_security())…
GhostRider
  • 135
  • 3
1
vote
0 answers

Domain Exploitation

I have set up a domain testing environment on a couple of old computers that i had lying around at home. I have done a lot of information gathering and attempts at exploiting the machines via Metasploit, exploit-db exploits and multiple other…
user3801447
  • 31
  • 2
1
vote
2 answers

How to secure sensitive information on cloud from administrator (end-to-end encryption)

When I use end-to-end encryption to secure documents and sensitive information on cloud or on computer, there is always a risk of accessing these information by administrator. For example if you use Truecrypt to save a secure container in cloud or…
user1563721
  • 1,099
  • 11
  • 22
1
vote
2 answers

Requesting administrative access in a company

I have been given the task of defining a process for assigning administrative access. One of the requirements for this processs is that if a subject wishes to gain adminstrative access, only the subject's manager can make the request for the client.…
Jay
  • 535
  • 5
  • 12
1
2