โ„น๏ธIntroduction to Identities

Active Directory's role in security

Components of an IAM System

  • Directory

  • Directory Management Tool

  • Access Control

  • Privilege Management

  • Audit and Reporting

Forms of Identity Subsystems

Linux

  • /etc/shadow

  • /etc/passwd

Windows

  • Security Access Manager

Identity Management

  • Linux-based OpenLDAP

  • Windows-based Active Directory

  • Third party solutions: Shibboleth, Okta, etc.

  • Logical structure in the organization

  • Physical mapping across sites

Management Tools

Active Directory

  • Remote Server Administration Tools

  • PowerShell

LDAP Service (Active Directory/Linux)

  • LDAPAdmin

  • JXplorer

Authentication

  • UserID and password

  • Passwords stored as hashes

  • Complex passwords - failed solution

  • Multifactor authentication

Active Directory Auditing

  • Collect data from the directory

  • Analyze it to determine directory health

  • Ensure the directory is secure

  • Ensure it supports the IT mission

The LDAP Protocol

  • Lightweight Directory Access Protocol

  • Repository for organizational entity information

  • Uses port 389 for LDAP and port 636 for LDAPS

LDAP System

  • Distributed servers

  • Coordinated response to requests

Interact with LDAP at the command line

Connect to the LDAP server using SSH

Dump database contents

Decode the Password

The LDAPAdmin Tool

Active Directory Domain Services

  • Directory

  • Schema

  • Catalog

  • Group Policy Objects

  • Replication service

  • Security for identity and access control

Active Directory Hierarchy

Domain Controller View

Trust Relationships

Interact with Active Directory at the command line

Access LDAP services with a GUI client

Install JXplorer

Run JXplorer GUI

Active Directory Security Audit

Run The Tool

  • Enter Domain Name or IP address

  • Enter the admin username

  • Enter password

  • Click Scan Now button
