Explore the intricate world of Group Policy Objects (GPO) Enumeration in our latest blog post. Learn how GPO enumeration helps manage network systems more efficiently, building a secure and controlled environment while reducing configuration errors.
Stay on top of the latest trends and technologies in network management and security through our expert-backed insights on GPO Enumeration. A must-read for network administrators and IT professionals.
Table of Contents
GPO Enumeration
Dive into the depth of GPO Enumeration, its functionality, benefits and the role it plays in strengthening the network security parameters of your organization.
Get current domain
Get-NetDomain
Get object of another domain
Get-NetDomain -Domain moneycorp.localGet domain SID for the current domain
Get-DomainSIDGet domain policy for the current domain
Get-DomainPolicy (Get-DomainPolicy)."system access"
Get domain policy for another domain
(Get-DomainPolicy -domain moneycorp.local)."system access" (Get-DomainPolicy -domain moneycorp.local)."kerberos policy" (Get-DomainPolicy -domain moneycorp.local)."Privilege Rights" # OR (Get-DomainPolicy)."KerberosPolicy" #Kerberos tickets info(MaxServiceAge) (Get-DomainPolicy)."SystemAccess" #Password policy (Get-DomainPolicy).PrivilegeRights #Check your privileges
Get domain controllers for the current domain
Get-NetDomainController
Get domain controllers for another domain
Get-NetDomainController -Domain moneycorp.local
Get a list of users in the current domain
Get-NetUser Get-NetUser -Username student1
Get list of all properties for users in the current domain
Get-UserProperty Get-UserProperty -Properties pwdlastset,logoncount,badpwdcount Get-UserProperty -Properties logoncount Get-UserProperty -Properties badpwdcount
Search for a particular string in a user’s attributes
Find-UserField -SearchField Description -SearchTerm "built"
Get a list of computers in the current domain
Get-NetComputer Get-NetComputer -OperatingSystem "*Server 2016*" Get-NetComputer -Ping Get-NetComputer -FullData
Get all the groups in the current domain
Get-NetGroup Get-NetGroup -Domain <targetdomain> Get-NetGroup -FullData Get-NetComputer -Domain
Get all groups containing the word “admin” in group name
Get-NetGroup *admin* Get-NetGroup -GroupName *admin* Get-NetGroup *admin* -FullData Get-NetGroup -GroupName *admin* -Doamin moneycorp.local
Get all the members of the Domain Admins group
Get-NetGroupMember -GroupName "Domain Admins" -Recurse #test the below command #Get-NetGroupMember -GroupName "Domain Admins" -Properties * | select DistinguishedName,GroupCategory,GroupScope,Name,Members
Get the group membership for a user
Get-NetGroup -UserName "student1"
List all the local groups on a machine (needs administrator privs on non-dc machines)
Get-NetLocalGroup -ComputerName dcorp-dc.dollarcorp.moneycorp.local -ListGroups
Get members of all the local groups on a machine (needs administrator privs on non-dc machines)
Get-NetLocalGroup -ComputerName dcorp-dc.dollarcorp.moneycorp.local -Recurse
Get actively logged users on a computer (needs local admin rights on the target)
Get-NetLoggedon -ComputerName dcorp-dc.dollarcorp.moneycorp.local
Get locally logged users on a computer
Needs remote registry on the target – started by-default on server OS.
Get-LoggedonLocal -ComputerName dcorp-dc.dollarcorp.moneycorp.local
Get the last logged user on a computer (needs administrative rights and remote registry on the target)
Get-LastLoggedon -ComputerName <servername>
Find shares on hosts in current domain.
Invoke-ShareFinder -Verbose
Find sensitive files on computers in the domain
Invoke-FileFinder -Verbose
Get all fileservers of the domain
Get-NetFileServer
Show Comments
