This forum has migrated to Microsoft Q&A. Visit Microsoft Q&A to post new questions.

Remove From My Forums

Get All users/groups with sensitive tag

Question
0

Sign in to vote

Hi,

How could I dump the list of the users/groups who has sensitive privileges. is there any column on the mongodb that I can query

Thank You,

Ali

Tuesday, July 18, 2017 10:18 AM

Answers

1

Sign in to vote
You can try this:

mongo ATA --eval " db.UniqueEntity.find({'IsSensitive' : true}, {'DistinguishedName': 1}) "

Note: this will work for current version, might not work for others, the DB is often changed,
and is not designed officially for customer custom queries.
- Marked as answer by 0xPwntester Tuesday, July 25, 2017 2:14 PM
Tuesday, July 18, 2017 10:57 AM

All replies

1

Sign in to vote
You can try this:

mongo ATA --eval " db.UniqueEntity.find({'IsSensitive' : true}, {'DistinguishedName': 1}) "

Note: this will work for current version, might not work for others, the DB is often changed,
and is not designed officially for customer custom queries.
- Marked as answer by 0xPwntester Tuesday, July 25, 2017 2:14 PM
Tuesday, July 18, 2017 10:57 AM
0

Sign in to vote

Hello Team,

When i am checking the ata report.

I found sensitive users and senstive computer.

what is the difference between the sensitive user and normal user.

how to identify the deferences. ?

Monday, August 21, 2017 5:58 PM
0

Sign in to vote

See this:

https://docs.microsoft.com/en-us/advanced-threat-analytics/ata-technical-faq#why-are-certain-accounts-considered-sensitive

Monday, August 21, 2017 6:12 PM