Skip to content

Domain Services Overview

  • Domain Services are services that the domain controller provides to the rest of the domain tree
    • [[LDAP]] or Lightweight Directory Access Protocol provides communication between applications and directory services
    • Certificate Services allows domain controller to create, validate and revoke public key certificates
    • [[DNS]], LLMNR, NBT-NS are Domain Naming Services for identifying IP hostnames

Domain Authentication Overview

  • Authentication Protocols set in place are The most important part of Active Directory & The most vulnerable **
  • [[Kerberos]] is the default authentication service for Active Directory that uses ticket-granting tickets and service tickets to authenticate users and give users access to other resources across the domain
  • [[NTLM]] [[Windows]] New Technology LAN Manager is the default [[Windows]] authentication protocol that uses an encrypted challenge/response protocol