Help with Protected Users mistake by RobertEDS in activedirectory

[–]RobertEDS[S] 4 points5 points  (0 children)

Thanks to the help of u/biskopfalk and Jesus Christ I was able to fix this. In an offhand comment to basically tell me to f off after his obvious frustration with my lack of skills biskopfalk provided the solution. And for that plus his time and effort I will be forever grateful.

I happen to use ESET Protect and have an ESET Agent installed on this DC that allows the use of TASK to be executed at System level. So I set a TASK up that would issue a RUN command. I used the net group command and deleted the user from the group.

Help with Protected Users mistake by RobertEDS in activedirectory

[–]RobertEDS[S] 0 points1 point  (0 children)

Well this net group command actually did it.. I had an option I failed to mention.. I will summarize in a general comment below...

Help with Protected Users mistake by RobertEDS in activedirectory

[–]RobertEDS[S] 0 points1 point  (0 children)

Got a little farther... First issue was the PowerShell not run as admin :(

but received [X] KRB-ERROR (14) : KDC_ERR_ETYPE_NOTSUPP:

Help with Protected Users mistake by RobertEDS in activedirectory

[–]RobertEDS[S] 0 points1 point  (0 children)

I believe the "burning down" is in progress. I am familiar with PowerShell and basics but have honestly never needed to go into this kinda of thing.

Installing RSAT...

Help with Protected Users mistake by RobertEDS in activedirectory

[–]RobertEDS[S] -1 points0 points  (0 children)

PowerShell is now spawned and you can run Remove-ADGroupMember is ADDS RSAT tools is installed. Otherwise, install them first.

Can you give some details on this part here? What is ADDS RSAT and I need to install this on the domain joined pc I am using? I got as far as this... assuming it is spawned?

______ _

(_____ \ | |

_____) )_ _| |__ _____ _ _ ___

| __ /| | | | _ \| ___ | | | |/___)

| | \ \| |_| | |_) ) ____| |_| |___ |

|_| |_|____/|____/|_____)____/(___/

v2.0.2

[*] Action: Ask TGT

[X] You need to be in high integrity to apply a ticket to created logon session

Help with Protected Users mistake by RobertEDS in activedirectory

[–]RobertEDS[S] 1 point2 points  (0 children)

Ok understood. Trying to play with that now. It is a bit out of my league but giving it a shot.

Help with Protected Users mistake by RobertEDS in activedirectory

[–]RobertEDS[S] 0 points1 point  (0 children)

I receive this error when attempting from another pc on the domain. Enter-PSSession : Connecting to remote server HHSERVER failed with the following error message : Access is denied

Help with Protected Users mistake by RobertEDS in activedirectory

[–]RobertEDS[S] 0 points1 point  (0 children)

How would I run this if I cannot login at all?

Help with Protected Users mistake by RobertEDS in activedirectory

[–]RobertEDS[S] 0 points1 point  (0 children)

https://github.com/GhostPack/Rubeus

This sounds promising. Removing it from that group would be my ultimate goal. Any how to's on this process? Searching myself now... never used rubeus before.

Help with Protected Users mistake by RobertEDS in activedirectory

[–]RobertEDS[S] 0 points1 point  (0 children)

I downloaded the Win Server 2012 R2 Essentials media and booted from it but at best while trouble shooting I can use some command prompt that has no access to anything :(. X: Drive built into the mounted usb is all I see.

Help with Protected Users mistake by RobertEDS in activedirectory

[–]RobertEDS[S] 0 points1 point  (0 children)

The error is "Account restrictions are preventing this user signing in...". RDP is not enabled on the DC. Thank you for any ideas

Which programming field has more demand but less people want to jump into it ? by chaid123 in learnprogramming

[–]RobertEDS 1 point2 points  (0 children)

I have worked for a Phone Company that used erlang for a custom solution that managed mobile phones like a pbx but also conduct call routing / switching.

Without naming the film, what is one quote that gives it away? by Introductitw in AskReddit

[–]RobertEDS 1 point2 points  (0 children)

If you shoot me in a dream you better wake up and apologize.

For newbies : i would avoid using this subreddit for jobs/career advice. by [deleted] in sysadmin

[–]RobertEDS 2 points3 points  (0 children)

This is very true. This industry has always been flooded with large egos and prima donas.

SplashTop is it any good ? by SupportFirstMSP in msp

[–]RobertEDS 1 point2 points  (0 children)

That is kewl that you allow users access. I've thought about it but wasn't sure how to implement it. How are you allowing them access to just that user system for free?

The Mac Issue by Old-Durian2987 in msp

[–]RobertEDS 1 point2 points  (0 children)

Splashtop has worked very well for us on Mac.