Labs
Learning Objective - 1
PS C:\AD\Tools> Get-NetDomain
Forest : moneycorp.local
DomainControllers : {dcorp-dc.dollarcorp.moneycorp.local}
Children : {us.dollarcorp.moneycorp.local}
DomainMode : Unknown
DomainModeLevel : 7
Parent : moneycorp.local
PdcRoleOwner : dcorp-dc.dollarcorp.moneycorp.local
RidRoleOwner : dcorp-dc.dollarcorp.moneycorp.local
InfrastructureRoleOwner : dcorp-dc.dollarcorp.moneycorp.local
Name : dollarcorp.moneycorp.local1. SID of the member of the Enterprise Admins group
PS C:\AD\Tools> Get-DomainGroupMember -Identity "Domain Admins"
GroupDomain : dollarcorp.moneycorp.local
GroupName : Domain Admins
GroupDistinguishedName : CN=Domain Admins,CN=Users,DC=dollarcorp,DC=moneycorp,DC=local
MemberDomain : dollarcorp.moneycorp.local
MemberName : svcadmin
MemberDistinguishedName : CN=svc admin,CN=Users,DC=dollarcorp,DC=moneycorp,DC=local
MemberObjectClass : user
MemberSID : S-1-5-21-719815819-3726368948-3917688648-1118
GroupDomain : dollarcorp.moneycorp.local
GroupName : Domain Admins
GroupDistinguishedName : CN=Domain Admins,CN=Users,DC=dollarcorp,DC=moneycorp,DC=local
MemberDomain : dollarcorp.moneycorp.local
MemberName : Administrator
MemberDistinguishedName : CN=Administrator,CN=Users,DC=dollarcorp,DC=moneycorp,DC=local
MemberObjectClass : user
MemberSID : S-1-5-21-719815819-3726368948-3917688648-500
PS C:\AD\Tools> Get-DomainGroupMember -Identity "Domain Admins" -Domain "moneycorp.local"
GroupDomain : moneycorp.local
GroupName : Domain Admins
GroupDistinguishedName : CN=Domain Admins,CN=Users,DC=moneycorp,DC=local
MemberDomain : moneycorp.local
MemberName : Administrator
MemberDistinguishedName : CN=Administrator,CN=Users,DC=moneycorp,DC=local
MemberObjectClass : user
MemberSID : S-1-5-21-335606122-960912869-3279953914-500
PS C:\AD\Tools> Get-DomainGroupMember -Identity "Enterprise Admins" -Domain "moneycorp.local"
GroupDomain : moneycorp.local
GroupName : Enterprise Admins
GroupDistinguishedName : CN=Enterprise Admins,CN=Users,DC=moneycorp,DC=local
MemberDomain : moneycorp.local
MemberName : Administrator
MemberDistinguishedName : CN=Administrator,CN=Users,DC=moneycorp,DC=local
MemberObjectClass : user
MemberSID : S-1-5-21-335606122-960912869-3279953914-500
Respuesta:
S-1-5-21-335606122-960912869-3279953914-500Learning Objective - 2
2. Display name of the GPO applied on StudentMachines OU
PS C:\AD\Tools> Get-DomainOU
description : Default container for domain controllers
systemflags : -1946157056
iscriticalsystemobject : True
gplink : [LDAP://CN={6AC1786C-016F-11D2-945F-00C04fB984F9},CN=Policies,CN=System,DC=dollarcorp,DC=money
corp,DC=local;0]
whenchanged : 11/12/2022 5:59:00 AM
objectclass : {top, organizationalUnit}
showinadvancedviewonly : False
usnchanged : 7921
dscorepropagationdata : {11/15/2022 3:49:24 AM, 11/12/2022 5:59:41 AM, 1/1/1601 12:04:16 AM}
name : Domain Controllers
distinguishedname : OU=Domain Controllers,DC=dollarcorp,DC=moneycorp,DC=local
ou : Domain Controllers
usncreated : 7921
whencreated : 11/12/2022 5:59:00 AM
instancetype : 4
objectguid : 802da67f-f1f8-40a7-9d13-7e76ccb25e39
objectcategory : CN=Organizational-Unit,CN=Schema,CN=Configuration,DC=moneycorp,DC=local
usncreated : 44996
displayname : StudentMachines
gplink : [LDAP://cn={7478F170-6A0C-490C-B355-9E4618BC785D},cn=policies,cn=system,DC=dollarcorp,DC=moneyc
orp,DC=local;0]
whenchanged : 11/15/2022 5:46:19 AM
objectclass : {top, organizationalUnit}
usnchanged : 45933
dscorepropagationdata : {11/15/2022 3:49:24 AM, 11/15/2022 3:49:24 AM, 1/1/1601 12:00:00 AM}
name : StudentMachines
distinguishedname : OU=StudentMachines,DC=dollarcorp,DC=moneycorp,DC=local
ou : StudentMachines
whencreated : 11/15/2022 3:49:24 AM
instancetype : 4
objectguid : 1c7cd8cb-d8bb-412f-9d76-9cff8afa021f
objectcategory : CN=Organizational-Unit,CN=Schema,CN=Configuration,DC=moneycorp,DC=local
usncreated : 45190
name : Applocked
gplink : [LDAP://cn={0D1CC23D-1F20-4EEE-AF64-D99597AE2A6E},cn=policies,cn=system,DC=dollarcorp,DC=moneyc
orp,DC=local;0]
whenchanged : 11/15/2022 4:21:20 AM
objectclass : {top, organizationalUnit}
usnchanged : 45237
dscorepropagationdata : {11/15/2022 4:16:38 AM, 1/1/1601 12:00:00 AM}
distinguishedname : OU=Applocked,DC=dollarcorp,DC=moneycorp,DC=local
ou : Applocked
whencreated : 11/15/2022 4:16:38 AM
instancetype : 4
objectguid : e33cfcdb-8c09-4a51-a0bf-c67815e72615
objectcategory : CN=Organizational-Unit,CN=Schema,CN=Configuration,DC=moneycorp,DC=local
usncreated : 45196
name : Servers
gplink : [LDAP://cn={308279C1-FFB6-4D52-948C-660B07AC77FB},cn=policies,cn=system,DC=dollarcorp,DC=moneyc
orp,DC=local;0]
whenchanged : 11/15/2022 5:45:10 AM
objectclass : {top, organizationalUnit}
usnchanged : 45916
dscorepropagationdata : {11/15/2022 4:17:04 AM, 1/1/1601 12:00:00 AM}
distinguishedname : OU=Servers,DC=dollarcorp,DC=moneycorp,DC=local
ou : Servers
whencreated : 11/15/2022 4:17:04 AM
instancetype : 4
objectguid : f49a5fa1-0296-4e75-9c2d-c68c3b872d15
objectcategory : CN=Organizational-Unit,CN=Schema,CN=Configuration,DC=moneycorp,DC=local
PS C:\AD\Tools> Get-DomainGPO -Identity "{7478F170-6A0C-490C-B355-9E4618BC785D}"
flags : 0
displayname : Students
gpcmachineextensionnames : [{35378EAC-683F-11D2-A89A-00C04FBBCFA2}{D02B1F72-3407-48AE-BA88-E8213C6761F1}][{827D319E-6EA
C-11D2-A4EA-00C04F79F83A}{803E14A0-B4FB-11D0-A0D0-00A0C90F574B}]
whenchanged : 11/15/2022 5:48:32 AM
versionnumber : 6
name : {7478F170-6A0C-490C-B355-9E4618BC785D}
cn : {7478F170-6A0C-490C-B355-9E4618BC785D}
usnchanged : 45959
dscorepropagationdata : 1/1/1601 12:00:00 AM
objectguid : 0076f619-ffef-4488-bfdb-1fc028c5cb14
gpcfilesyspath : \\dollarcorp.moneycorp.local\SysVol\dollarcorp.moneycorp.local\Policies\{7478F170-6A0C-490C-
B355-9E4618BC785D}
distinguishedname : CN={7478F170-6A0C-490C-B355-9E4618BC785D},CN=Policies,CN=System,DC=dollarcorp,DC=moneycorp,D
C=local
whencreated : 11/15/2022 5:46:19 AM
showinadvancedviewonly : True
usncreated : 45927
gpcfunctionalityversion : 2
instancetype : 4
objectclass : {top, container, groupPolicyContainer}
objectcategory : CN=Group-Policy-Container,CN=Schema,CN=Configuration,DC=moneycorp,DC=localRespuesta:
StudentsLearning Objective - 3
ActiveDirectory Rights for RDPUsers group on the users named ControlxUser
PS C:\AD\Tools> Get-DomainUser -Identity "Control*" | select samaccountname
samaccountname
--------------
Control721user
Control722user
Control723user
Control724user
Control725user
Control726user
Control727user
Control728user
Control729user
Control730user
Control731user
Control732user
Control733user
Control734user
Control735user
Control736user
Control737user
Control738user
Control739user
Control740user
PS C:\AD\Tools> (Get-Acl 'AD:\CN=Control740User,CN=Users,DC=dollarcorp,DC=moneycorp,DC=local').Access | select IdentityReference,ActiveDirectoryRights
IdentityReference ActiveDirectoryRights
----------------- ---------------------
Everyone ExtendedRight
NT AUTHORITY\SELF ExtendedRight
NT AUTHORITY\SELF GenericRead
NT AUTHORITY\Authenticated Users ReadControl
NT AUTHORITY\SYSTEM GenericAll
S-1-5-32-548 GenericAll
dcorp\Domain Admins GenericAll
dcorp\RDPUsers GenericAll
NT AUTHORITY\SELF ReadProperty, WriteProperty
NT AUTHORITY\SELF ReadProperty, WriteProperty
NT AUTHORITY\SELF ExtendedRight
NT AUTHORITY\SELF ExtendedRight
NT AUTHORITY\SELF ReadProperty, WriteProperty
NT AUTHORITY\Authenticated Users ReadProperty
NT AUTHORITY\Authenticated Users ReadProperty
NT AUTHORITY\Authenticated Users ReadProperty
NT AUTHORITY\Authenticated Users ReadProperty
S-1-5-32-560 ReadProperty
S-1-5-32-561 ReadProperty, WriteProperty
S-1-5-32-561 ReadProperty, WriteProperty
dcorp\Cert Publishers ReadProperty, WriteProperty
dcorp\RAS and IAS Servers ReadProperty
dcorp\RAS and IAS Servers ReadProperty
dcorp\RAS and IAS Servers ReadProperty
dcorp\RAS and IAS Servers ReadProperty
S-1-5-32-554 ReadProperty
S-1-5-32-554 ReadProperty
S-1-5-32-554 ReadProperty
S-1-5-32-554 ReadProperty
S-1-5-32-554 ReadProperty
S-1-5-32-554 ReadProperty
S-1-5-32-554 ReadProperty
S-1-5-32-554 ReadProperty
S-1-5-32-554 ReadProperty
S-1-5-32-554 ReadProperty
mcorp\Enterprise Key Admins ReadProperty, WriteProperty
dcorp\Key Admins ReadProperty, WriteProperty
CREATOR OWNER Self
NT AUTHORITY\SELF Self
NT AUTHORITY\ENTERPRISE DOMAIN CONTROLLERS ReadProperty
NT AUTHORITY\ENTERPRISE DOMAIN CONTROLLERS ReadProperty
NT AUTHORITY\ENTERPRISE DOMAIN CONTROLLERS ReadProperty
NT AUTHORITY\SELF WriteProperty
S-1-5-32-554 GenericRead
S-1-5-32-554 GenericRead
S-1-5-32-554 GenericRead
NT AUTHORITY\SELF ReadProperty, WriteProperty
NT AUTHORITY\SELF ReadProperty, WriteProperty, ExtendedRight
mcorp\Enterprise Admins GenericAll
S-1-5-32-554 ListChildren
BUILTIN\Administrators ... WriteProperty, ExtendedRight, Delete, GenericRead, WriteDacl, WriteOwnerdcorp\RDPUsers GenericAllRespuesta:
GenericAllLearning Objective - 4
Trust Direction for the trust between dollarcorp.moneycorp.local and eurocorp.local
PS C:\AD\Tools> Get-ADTrust -Identity eurocorp.local
Direction : BiDirectional
DisallowTransivity : False
DistinguishedName : CN=eurocorp.local,CN=System,DC=dollarcorp,DC=moneycorp,DC=local
ForestTransitive : False
IntraForest : False
IsTreeParent : False
IsTreeRoot : False
Name : eurocorp.local
ObjectClass : trustedDomain
ObjectGUID : d4d64a77-63be-4d77-93c2-6524e73d306d
SelectiveAuthentication : False
SIDFilteringForestAware : False
SIDFilteringQuarantined : True
Source : DC=dollarcorp,DC=moneycorp,DC=local
Target : eurocorp.local
TGTDelegation : False
TrustAttributes : 4
TrustedPolicy :
TrustingPolicy :
TrustType : Uplevel
UplevelOnly : False
UsesAESKeys : False
UsesRC4Encryption : FalseRespuesta:
BiDirectionalLast updated