Differences

This shows you the differences between two versions of the page.

--- windows:enumerate_domain_data [2020/07/30 14:25] – created bstafford
+++ windows:enumerate_domain_data [2022/11/23 12:49] (current) – external edit 127.0.0.1
@@ Line 1: / Line 1: @@
 ====== Enumerate Domain Data ======
+See if endpoint is joined to domain (run as Administrator)
+<code>dsregcmd /status</code>
+List all domain controllers
+<code>nltest /dclist:</code>
+Display a Global Catalog Server
+<code>nltest /dsgetdc:</code>
+Display all users in the domain
+<code>net users /domain > domain-users.txt</code>
+Display all groups in the domain
+<code>net group/domain > domain-groups.txt</code>
+Display members of a group (does not show groups within this group)
+<code>net group "domain admins" /domain</code>
+Show data on a users
+<code>net user "jblogs" /domain</code>
+Show domain account settings
+<code>net accounts /domain</code>
-</code>nltest /dclist:</code>
+To Show List of Domain Controller IP addresses
-</code>nltest /dsgetdc:</code>
+<code>nslookup gc._msdcs.yourdomain.com</code>
-</code>net group "domain admins" /domain</code>
-</code>klist</code>
+===== Local Data =====
-</code>net user "jblogs" /domain</code>
+Show groups that exist on the local machine
-</code>cmdkey /list</code>
+<code>net localgroup</code>
+Show local workstation data
+<code>net config workstation</code>
+Show list of local Kerberos tokens on device you are on
+<code>klist</code>
+Show local stored credentials
+<code>cmdkey /list</code>