Active Directory Delegation Dissected

Thursday, May 17, 2018

11:00 AM - 12:00 PM PDT

60 minutes, including Q&A

Active Directory Delegation Dissected, by Owen Shearing
Active Directory Delegation Dissected - Securing Centrify's Active Directory Delegations, by Robertson Pimentel

Active Directory Delegation of administration duties are often recommended by security organisations and Microsoft themselves have been pushing for the use of least privilege principal for quite some time. But what exactly is AD delegation and how can these configurations potentially be abused?

In this webcast, NotSoSecure will show that delegated rights should not be overlooked in a security assessment. A case study will be used to demonstrate how we can detect and understand the impact of these potential logical flaws, and we'll continue through a series of events to see how an attacker can manipulate users and groups to potentially gain access to sensitive company data or even view juicy LAPS and BitLocker attributes. The end goal, surprisingly, might not be the ever sought after Domain Admin crown.

Key takeaways:

  • Understand the implications of Active Directory Delegated permissions
  • Learn how to easily identify and mitigate issues (blue team perspective)
  • Understand that the goal of an attacker may not always be Domain or Enterprise Administrator accounts

Brought to you by:


Guest Presenter:

Owen Shearing

Owen Shearing

Owen Shearing has worked in the IT industry for a number of years, the last 7 specifically within security. He is an Associate Director at NotSoSecure, a specialist IT security company delivering high-end IT security consultancy and training. Owen has delivered NotSoSecure training courses at Blackhat Asia, USA and EU over the past couple of years. He runs the blog rebootuser.com and has authored tools which can be found at github.com/rebootuser.

Sponsor Presenter:

Robertson Pimentel

Robertson Pimentel

Robertson Pimentel, CISSP, CISM, Product Manager, Centrify, has 20 years of work experience focused in many areas: IT Infrastructure, Identity and Access Management, Project Management, People Development/Competency Development and Quality Assurance. These days his goals are to be able to contribute to a breath of subjects and see quick and meaningful results. His interests lie in Access Controls and the impact of security controls in organizational productivity.

Sustaining Partners