Jump to content


Photo
- - - - -

Domain Administrator Access


  • Please log in to reply
4 replies to this topic

#1 Aspargis

Aspargis

    Will I break 10 posts?

  • Members
  • 3 posts
  • Gender:Male
  • Location:Norway

Posted 27 January 2011 - 06:48 AM

Is it possible to gain administrator access as a local administrator and domain user? I am able to ping other users, and I can list all admins etc.

Thanks.

#2 tekio

tekio

    5(R1P7 |<1DD13

  • Binrev Financier
  • 1,119 posts
  • Gender:Male
  • Location:The Blue Nowhere

Posted 27 January 2011 - 09:34 AM

Is it possible to gain administrator access as a local administrator and domain user? I am able to ping other users, and I can list all admins etc.

Thanks.


I'm not sure I understand your question fully. To login into a domain it will either authenticate from a pdc, bdc, or active directory. The local admin user will authenticate from the local system with credentials stored in the sam file. If the local user (in this case administrator account) has the same user name and password both locally and on the network, it will automatically login into to the doamin and local system. That is how it worked on older nt domains.

Local adminstrator has access to the entire local system. Domain adminstrator has access to the domain, and can access network services and active directory for the domain. Local administrator has no access to domain services.

Just curious, what do you mean when you say "ping a user"? I think you can only ping hosts on the network.

#3 Aspargis

Aspargis

    Will I break 10 posts?

  • Members
  • 3 posts
  • Gender:Male
  • Location:Norway

Posted 27 January 2011 - 02:01 PM


Is it possible to gain administrator access as a local administrator and domain user? I am able to ping other users, and I can list all admins etc.
w
Thanks.


I'm not sure I understand your question fully. To login into a domain it will either authenticate from a pdc, bdc, or active directory. The local admin user will authenticate from the local system with credentials stored in the sam file. If the local user (in this case administrator account) has the same user name and password both locally and on the network, it will automatically login into to the doamin and local system. That is how it worked on older nt domains.

Local adminstrator has access to the entire local system. Domain adminstrator has access to the domain, and can access network services and active directory for the domain. Local administrator has no access to domain services.

Just curious, what do you mean when you say "ping a user"? I think you can only ping hosts on the network.


I do have access to list active directory. I know the difference between local and domain admin, I just wondered if you can do a command in order to change one of the admins password. Of course, "net user admin * /domain" won't work due to error 5, but all I currently got is the admins usernames, and in some cases full, real names by the "net group "Domain Admins" /domain" command and "net user [admin_username] /domain" command.

On the domain I try to gain access to, each user is given an individual local IP for the domain. (One with numbers and one [info].username.[domainname]. I can ping both.

#4 tekio

tekio

    5(R1P7 |<1DD13

  • Binrev Financier
  • 1,119 posts
  • Gender:Male
  • Location:The Blue Nowhere

Posted 27 January 2011 - 02:12 PM

It is just kinda difficult to know exactly what you are asking. You can list active directory, but do you have domain admin acces? If so use dsmod. If you only have user level acces, no you cannot change an admin passwd. Unless you can find a way to elevate domain privs. If so any domain user could change any password on the system. To my knowledge there is no public exploit to do this on a fully patched system.

#5 Aspargis

Aspargis

    Will I break 10 posts?

  • Members
  • 3 posts
  • Gender:Male
  • Location:Norway

Posted 27 January 2011 - 02:16 PM

It is just kinda difficult to know exactly what you are asking. You can list active directory, but do you have domain admin acces? If so use dsmod. If you only have user level acces, no you cannot change an admin passwd. Unless you can find a way to elevate domain privs. If so any domain user could change any password on the system. To my knowledge there is no public exploit to do this on a fully patched system.


Ok, that basically answered my question. English is not my first language, so I have a hard time expressing myself.
Thanks for the answer.




BinRev is hosted by the great people at Lunarpages!