|
I
have been asked by a company to help them tighten what is currently a very
loose security model. Now, several non-IT-but-computer-adept employees have accounts
with full Domain Admin privileges. Many of these folks are programmer types and
pretty savvy (which leads them to think they know what they are doing – that’s
another story). They are also aware that we are going to tighten things down. For
political reasons, we could not just yank their admin access. So
the question is: if you were one of these folks and were inclined to mischief (or
simply ensuring your continued access), how might you hide yourself in the
Directory? More to the point: where should I look beyond the obvious group
memberships? Thanks. --
nme -- |
- [ActiveDir] Hiding in the Directo... Noah Eiger
- RE: [ActiveDir] Hiding in th... joe
- Re: [ActiveDir] Hiding i... Al Mulnick
- RE: [ActiveDir] Hidi... Noah Eiger
- RE: [ActiveDir] Hiding in th... deji
- RE: [ActiveDir] Hiding in th... Bahta, Nathaniel V Contractor NASIC/SCNA
- RE: [ActiveDir] Hiding in th... Grillenmeier, Guido
- RE: [ActiveDir] Hiding in th... Burns, Clyde R.
- RE: [ActiveDir] Hiding in th... deji
- RE: [ActiveDir] Hiding i... Noah Eiger
