Local vs domain user: itadmin

[tsluyter]

I would like to suggest that the locally created accounts on DC01 and WS01 are renamed from "itadmin" to "localadmin". Otherwise, if students do not clearly specify "labs\itadmin" as username, they will be logged in as the local, non-domain account. This messed with labs like L1120, where Sharphound needs to detect the user's domain.

By renaming "ws01\itadmin" to "ws01\localadmin" you are making a clear distinction between the domain account and the local account.

[tsluyter]

The recordings I'm watching showcase this problem at 02:06:40 where people are having trouble enumerating with Bloodhound, because the user has no domain. This happens because they login as "itadmin" which is "ws01\itadmin". You need to specifically add "labs\itadmin".

You can prevent this by making them two separate users...