Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

ADROOT Account Found #1

Open
MidwestAdmin opened this issue Jul 23, 2018 · 1 comment
Open

ADROOT Account Found #1

MidwestAdmin opened this issue Jul 23, 2018 · 1 comment

Comments

@MidwestAdmin
Copy link

What is the ADROOT account living in RootDSE? This powershell script was able to find it but when I browse RootDSE using ADSI Edit I can't see it but I can find it and manipulate it when running powershell through ISE when debugging. I can't find any documentation on the existence of this account but it was privileged at one time because the script finds it and resets it's AdminCount flag. Why does this script find it and since it reset the flag on it should I be concerned?

adroot
@chadmcox
Copy link
Owner

that's not very clear. the adroot is the name of the psprovider being mapped. in this case looks like only one group was found

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@chadmcox @MidwestAdmin