
Active Directory Delegation Dissected


Thursday, May 17, 2018
11:00AM-12:00PM PDT


Active Directory Delegation Dissected, by Owen Shearing
Active Directory Delegation Dissected - Securing Centrify's Active Directory Delegations, by Robertson Pimentel

Delegation of Active Directory administration duties is often recommended by security organisations, and Microsoft themselves have been pushing for the use of the least privilege principle for quite some time. But what exactly is AD delegation, and how can these configurations potentially be abused?

In this webcast, NotSoSecure will show that delegated rights should not be overlooked in a security assessment. A case study will be used to demonstrate how we can detect and understand the impact of these potential logical flaws, and we'll continue through a series of events to see how an attacker can manipulate users and groups to potentially gain access to sensitive company data or even view juicy LAPS and BitLocker attributes. The end goal, surprisingly, might not be the ever-sought-after Domain Admin crown.

Key takeaways:

  • Understand the implications of Active Directory Delegated permissions
  • Learn how to easily identify and mitigate issues (blue team perspective)
  • Understand that the goal of an attacker may not always be Domain or Enterprise Administrator accounts

Guest Presenter:

Owen Shearing

Owen Shearing has worked in the IT industry for a number of years, the last 7 specifically within security. He is an Associate Director at NotSoSecure, a specialist IT security company delivering high-end IT security consultancy and training. Owen has delivered NotSoSecure training courses at Black Hat Asia, USA and EU over the past couple of years. He runs the blog and has authored tools which can be found at

Sponsor Presenter:

Robertson Pimentel

Robertson Pimentel, CISSP, CISM, Product Manager, Centrify, has 20 years of work experience focused on many areas: IT Infrastructure, Identity and Access Management, Project Management, People Development/Competency Development and Quality Assurance. These days his goals are to be able to contribute to a breadth of subjects and see quick and meaningful results. His interests lie in Access Controls and the impact of security controls on organizational productivity.
