Port 389 may not be as much of a problem as they are telling you it is
This article is loosely based on my German blog article from 2024 (here). Almost every AD security assessment, penetration test…
Knowledge Base
PowerShell: Get Well-Known Objects (WKO)
Depending on your environment, default well-known containers may have been renamed or, for example, default locations for new users and…
PowerShell: Getting JIT group memberships
If you are using temporary group memberships introduced as a part of the Privileged Access Management optional feature in Server…
LDAP Controls in Active Directory
To get the currently supported LDAP controls, you can query rootDSE: Be aware that, although the client-side controls “bitwise matching…
LDAP Capabilities in Active Directory
To get the currently supported LDAP capabilities, you can query rootDSE: Currently the following capabilities are supported: OID Capability 1.2.840.113556.1.4.800…
PowerShell: Resolve dsHeursitics
This function is handy for resolving dsHeuristics values:
dsHeuristics behavior manipulation
Many aspects of ADs behavior are governed by the dsHeuristics attribute of the Directory Service configuration object: In contrast to…
DSA Heuristics on Domain Controllers
Besides dsHeuristics which is stored in the configuration partition, Domain Controllers’ behavior is also governed by the DSA Heuristics value…