My own opinion is that the organization should demand from the consulting firm the administrator password or an equal account immediately (as in, while they are on the phone with the person before even hanging up).
Robert Williams, MCSE NT4/2K/2K3, Security+ Infrastructure Rapid Response Engineer Northeast Region Microsoft Corporation Global Solutions Support Center -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Kern, Tom Sent: Friday, July 29, 2005 6:22 PM To: [email protected] Subject: [ActiveDir] Advice I'm starting a new job in a week as a AD/Exchange engineer(I posted about my anxieties before on the list). This company used to outsource all their AD/Exchange infrastructure and now they want to take control of it. As it stands, their relationship with the outsourcing firm is rocky. While the DC's and Exchange server are physically in the company, no one has Domain or Enterprise admin rights. And no one, including me, is about to attempt elevation of privilges with all the numerous ways to "hack" a DC when you have physical access. That would be in poor taste. My questions to the list are, if you were coming into such an enviorment, what are the first things you would do and look for? How much as a regular user can you glean of the AD/Exchange enviorment and what would be your first steps? Thanks very much. -------------------------- Sent from my BlackBerry Wireless Handheld (www.BlackBerry.net) List info : http://www.activedir.org/List.aspx List FAQ : http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/List.aspx List FAQ : http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
