TierZeroTable icon indicating copy to clipboard operation
TierZeroTable copied to clipboard
verified publisher icon BloodHoundAD

RODC in tier0

Open ruppde opened this issue 2 years ago • 1 comments

hi,

the "Is Tier Zero" of RODCs should be DEPENDS because because the RODCs might share the DSRM password with the DCs (synced via GPO).

https://adsecurity.org/?p=3592

arnim

ruppde avatar Aug 05 '23 11:08 ruppde

Hi Arnim,

Thanks for your suggestion!

We only covered the RODC AD group in the first blog post / webinar, so that is the only RODC asset we have in the table so far. We will discuss the RODC computer objects and the RODC OS in a future episode. There are a lot of things to consider for RODC, and the thing you mention about the DSRM password is definitely a good point.

Thanks again, Jonas

JonasBK avatar Aug 08 '23 16:08 JonasBK