Terminology

Object

Object can be defined as ANY resource present within an Active Directory environment such as OUs, printers, users, domain controllers.

Global Unique Identifier (GUID)

Unique 128-bit value assigned to objects.
Used internally by AD for identification.

Security Principals

Authenticated entities (users, computers, services, etc.).
Manage access to domain resources.

Distinguished Name (DN)

Full path to an object in AD (e.g., cn=sreed, ou=IT, dc=example, dc=com).

Relative Distinguished Name (RDN)

Unique identifier within its parent container.

userPrincipalName (UPN)

Alternative way to identify users (e.g., sreed@example.com).

FSMO Roles

Five roles ensuring AD replication and operation:
1. Schema Master (one per forest)
2. Domain Naming Master (one per forest)
3. RID Master (one per domain)
4. PDC Emulator (one per domain)
5. Infrastructure Master (one per domain)

Global Catalog (GC)

Stores full copies of objects in the current domain and partial copies from other domains.
Helps in authentication and searching for AD objects across domains.
Crucial for login processes and Exchange Server lookups.

Replication

Synchronizes changes across Domain Controllers.
Managed by the Knowledge Consistency Checker (KCC).

Service Principal Name (SPN)

Service Principal Name (SPN) is a unique identifier of a service instance. Kerberos authentication uses SPNs to associate a service instance with a service sign-in account. Doing so allows a client application to request service authentication for an account even if the client doesn't have the account name, because every service has a corresponding service account.

Group Policy Object (GPO)

Collection of policy settings applied to users and computers.
Used for security configurations, software deployments, and administrative settings.
Can be applied at different levels (site, domain, OU).

Fully Qualified Domain Name (FQDN)

Complete name for a host (e.g., dc01.example.com).

SYSVOL

Stores Group Policy settings and logon scripts.
Replicated across all DCs.

ADSI Edit

Advanced GUI tool for managing AD objects and attributes.

sIDHistory

Stores previous SIDs during migrations.
Can be abused if not secured.

PreviousTheory NextReconnaissance

Last updated 2 days ago

Service Principal Name (SPN)

Service Principal Name (SPN) is a unique identifier of a service instance. Kerberos authentication uses SPNs to associate a service instance with a service sign-in account. Doing so allows a client application to request service authentication for an account even if the client doesn't have the account name, because every service has a corresponding service account.