I have encountered the following anomaly while using DumpSec 2.8.6 on an Active Directory 2003 domain controller. In the "Dump Rights" Report, a few Accounts are shown that do not match user logons in the other DumpSec user reports (or in the AD Management console). The anomalies in the report have the pattern of DOMAINNAME\NNNNNNNN (where N is a digit 0-9). So for example a line from the Dump Rights report looks like this:
SeTcbPrivilege, MYDOMAIN\00000614, "Act as part of the operating system"
However "MYDOMAIN\00000614" does not appear in the "Dump Users as a ..." report or Active Directory consoles.
Could these be some kind of remnant from our Windows NT Domain upgrade?
SeTcbPrivilege, MYDOMAIN\00000614, "Act as part of the operating system"
However "MYDOMAIN\00000614" does not appear in the "Dump Users as a ..." report or Active Directory consoles.
Could these be some kind of remnant from our Windows NT Domain upgrade?
Comment