https://tryhackme.com/room/activedirectorybasics

Task 2 - Physical Active Directory

Interesting files AD DS Data Store

%SystemRoot%\\NTDS\\Ntds.dit

%SystemRoot%\\System32\\Ntds.dit

Task 3 - The Forest

• Trees - A hierarchy of domains in Active Directory Domain Services
• Domains - Used to group and manage objects
• Organizational Units (OUs) - Containers for groups, computers, users, printers and other OUs
• Trusts - Allows users to access resources in other domains
• Objects - users, groups, printers, computers, shares
• Domain Services - DNS Server, LLMNR, IPv6
• Domain Schema - Rules for object creation

Task 4 - Users + Groups

Users Overview

Users are the core to Active Directory; without users why have Active Directory in the first place? There are four main types of users you'll find in an Active Directory network; however, there can be more depending on how a company manages the permissions of its users. The four types of users are:

• Domain Admins - This is the big boss: they control the domains and are the only ones with access to the domain controller.
• Service Accounts (Can be Domain Admins) - These are for the most part never used except for service maintenance, they are required by Windows for services such as SQL to pair a service with a service account
• Local Administrators - These users can make changes to local machines as an administrator and may even be able to control other normal users, but they cannot access the domain controller
• Domain Users - These are your everyday users. They can log in on the machines they have the authorization to access and may have local administrator rights to machines depending on the organization.