NTFSSecurity icon indicating copy to clipboard operation
NTFSSecurity copied to clipboard

Published 20 hours ago verified publisher icon raandree

Get-NTFSEffectiveAccess from non-domain joined system

Open cyberfreaq opened this issue 3 years ago • 2 comments

Is it possible to query the effective access of a domain user to a domain share from a system which is not joined to the domain? For example via running a Powershell process with runas /user:domain\user_in_question ?

cyberfreaq avatar Mar 10 '21 12:03 cyberfreaq

Generally, no. There could be issues with the permissions that allow anyone to query the permissions in which case yes it's possible.

Could you just connect to the system using the credentials and then run the test rather than running ti directly from the non domain joined machine?

Sup3rlativ3 avatar Mar 11 '21 04:03 Sup3rlativ3

Thank you for your answer!

My use case would be a security assessment where I'm not allowed to install Powershell modules or run Powershell code on locked down domain-joined computers. So I'm looking for ways to do this from my assessment machine, which I am allowed to connect to the network.

cyberfreaq avatar Mar 29 '21 09:03 cyberfreaq