windows:enumerate_domain_data
This is an old revision of the document!
Enumerate Domain Data
See if endpoint is joined to domain (run as Administrator)
dsregcmd /status
List all domain controllers
nltest /dclist:
Display a Global Catalog Server
nltest /dsgetdc:
Display all users in the domain
net users /domain > domain-users.txt
Display all groups in the domain
net group/domain > domain-groups.txt
Display members of a group (does not show groups within this group)
net group "domain admins" /domain
Show data on a users
net user "jblogs" /domain
Show domain account settings
net accounts /domain
To Show List of Domain Controller IP addresses
nslookup gc._msdcs.yourdomain.com
Local Data
Show groups that exist on the local machine
net localgroup
Show local workstation data
net config workstation
Show list of local Kerberos tokens on device you are on
klist
Show local stored credentials
cmdkey /list
windows/enumerate_domain_data.1644239229.txt.gz · Last modified: (external edit)