Skip to content

Domain Services Overview

  • Domain Services are services that the domain controller provides to the rest of the domain tree
    • LDAP or Lightweight Directory Access Protocol provides communication between applications and directory services
    • Certificate Services allows domain controller to create, validate and revoke public key certificates
    • DNS, LLMNR, NBT-NS are Domain Naming Services for identifying IP hostnames

Domain Authentication Overview

  • Authentication Protocols set in place are The most important part of Active Directory & The most vulnerable **
  • Kerberos is the default authentication service for Active Directory that uses ticket-granting tickets and service tickets to authenticate users and give users access to other resources across the domain
  • NTLM Windows New Technology LAN Manager is the default Windows authentication protocol that uses an encrypted challenge/response protocol