About

Active Directory is a Windows service that is included in most of the Windows server operating systems. The most simplest of explanation of the Active Directory is that it stores information about objects on the network and makes this information easy for administrators and users to find and use.

Objects can range from physical objects to softwares to logical names such as printers, computers, security groups, usernames & passwords, applications, file shares, etc.

Some of the applications/uses of Active Directory are,

• Centralized user and rights management

• Organize the data required for your organization

• Organize the company's network heirarchy

Tens of thousands of companies use AD with nearly 90% of all Fortune 1000 companies. I cannot stress the importance of AD and its proliferation across organizations wanting to get on the digital transformation wagon.

This is a treasure trove for hackers and hence it is important for any white hacker when evaluating a network and its resources to start with the AD.

There are methods to query a AD for the users that are present in the domain along with the different systems and applications/services that may be running on those systems. It is also possible to gather detailed information such as the passwords of users.

Domain Controller

Domain controllers are one of the most important components within an AD. They are physical servers that are responsible for authentication of users and systems to gain access to resources within a domain.

The DC usually comprises of the LDAP service for communication and a computer network authentication protocol, usually Kerberos.