[EMAIL PROTECTED] wrote:
Hi Darren
The Quest tool uses LSAS insertion. The explanation given to a lowly
network admin that can almost spell C++ is they stick a piece of code into
LSAS that intercepts every write to the AD database and reports it.
Short of hacking the secure communications on all your DCs I am not sure
you can duplicate this.
Thanks for the info... that at least gives me something to research further
to determine if it is feasiable to attempt to duplicate it or not.
--
Chuck Chopp
ChuckChopp (at) rtfmcsi (dot) com http://www.rtfmcsi.com
RTFM Consulting Services Inc. 864 801 2795 voice & voicemail
103 Autumn Hill Road 864 801 2774 fax
Greer, SC 29651
Do not send me unsolicited commercial email.
List info : http://www.activedir.org/List.aspx
List FAQ : http://www.activedir.org/ListFAQ.aspx
List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
