No announcement yet.

DumpSec Rights Report anomaly

  • Filter
  • Time
  • Show
Clear All
new posts

  • DumpSec Rights Report anomaly

    I have encountered the following anomaly while using DumpSec 2.8.6 on an Active Directory 2003 domain controller. In the "Dump Rights" Report, a few Accounts are shown that do not match user logons in the other DumpSec user reports (or in the AD Management console). The anomalies in the report have the pattern of DOMAINNAME\NNNNNNNN (where N is a digit 0-9). So for example a line from the Dump Rights report looks like this:

    SeTcbPrivilege, MYDOMAIN\00000614, "Act as part of the operating system"

    However "MYDOMAIN\00000614" does not appear in the "Dump Users as a ..." report or Active Directory consoles.

    Could these be some kind of remnant from our Windows NT Domain upgrade?

  • #2
    Re: DumpSec Rights Report anomaly

    If you have Hyena, see if you also see this account when you view the user rights. This could be a special account that was created during a migration process, and those accounts don't appear on a user listing.
    Kevin Stanush
    SystemTools Software Inc.