Indentifying overpriviledged users (based on Keroberos token size)

<< Inhaltsverzeichnis anzeigen >>

Navigation:  Start > Using 8MAN - The Services > Permission Analysis  > Active Directory  > Services for Administrators >

Indentifying overpriviledged users (based on Keroberos token size)

Background / Value

The size of a Kerberos token is a good indicator for identifying users with excessive access rights. The more group memberships a user has, the bigger their Kerberos token. Even if a group membership does not automatically grant privileges, it is worthwhile analyzing the listed users. Additionally, if a user exceeds his maximum Kerberos token size he can no longer register on the network.

 

Step by step process

A004-01 EN überberechtige Benutzer anhand Kerberos Token

 

1.Select the Dashboard.

2.Double-click on the user in the list "Top 5 Kerberos Tokens".




A004-02 EN überberechtige Benutzer anhand Kerberos Token

 

1.8MAN automatically focuses on the selected user in the AD graph view.

2.All "parents", meaning groups in which the selected user is a direct or indirect member of, are shown on the left-hand side. If a group is very large, we recommend a flat list view.