Full Disclosure mailing list archives

Re: Active Directory accounts

From: Philosophil <flosofl () gmail com>
Date: Fri, 8 Sep 2006 08:28:12 -0500

Steven,

You'll have better luck asking the Pen Testing mailing list than this
list.  I have seen Full Disclosure go steadily downhill over the last
few months.  In fact after this email, I'm unsubscribing from this
useless list.

These days it appears you get nothing but script-kiddies and people
who would rather sling insults than actually answer a question (if
they even know the answer) such as deji's response.

I wish I could answer your question directly, but I'm a Unix/Linux
guy.  The best advice I have to give you is to leave this list and try
to find one where people actually know (and supply) answers.  Pen
Testing is usually a good resource.

Good luck.

On 9/7/06, Steven Rakick <stevenrakick () yahoo com> wrote:

Hello,

I have a question regarding some data I pulled off a
customers AD. We recently ran AD scan to identify
several user accoutn violation types using AD
Inspector (www.obtuse.net/software/adinspector).
Basically the search contained filters for users who
dont have password expirations enabled and also users
who havent logged in in the last 90 days (stale
accounts). Anyways, the results were quite suprising
and I'd like to validate them.

My question is this. Is the lastLogon AD account
property updated any time a user authenticates to AD
regardless of the service? Like, if I login to a 3rd
party application which uses LDAP integration with AD
for authentication, will that update the users
lastLogon property in AD?

__________________________________________________
Do You Yahoo!?
Tired of spam?  Yahoo! Mail has the best spam protection around
http://mail.yahoo.com

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Current thread:

Active Directory accounts Steven Rakick (Sep 07)
- RE: Active Directory accounts deji (Sep 07)
- Re: Active Directory accounts Philosophil (Sep 08)
  - Message not available
    - Re: Active Directory accounts Philosophil (Sep 08)
- <Possible follow-ups>
- RE: Active Directory accounts Angel Barrio (Sep 08)
- RE: Active Directory accounts Steven Rakick (Sep 08)
- RE: Active Directory accounts Angel Barrio (Sep 08)