pingcastle icon indicating copy to clipboard operation
pingcastle copied to clipboard

Add AdminSDHolder to critical infrastructure list

Open missing0x00 opened this issue 1 year ago • 0 comments

AdminSDHolder permissions are applied every 60 minutes to numerous protected groups in the domain. If the AdminSDHolder permissions are misconfigured, they will continually apply the same vulnerabilities to Domain Admins and other groups.

https://learn.microsoft.com/en-us/windows-server/identity/ad-ds/plan/security-best-practices/appendix-c--protected-accounts-and-groups-in-active-directory#adminsdholder

missing0x00 avatar Feb 14 '25 06:02 missing0x00