🕵️ Active Directory Groups audit w. Neo4J
adriens
Posted on May 16, 2023
🧐 About
Active Directory is a crucial part of many Information Systems as it manages both authentication and access management.
In this article, we'll focus on Active Directory group management analysis.
🍿 Demo
💰 Return On Investment
With this data, we are now able to:
- 📏 Produce classification
- 🔮 Make predictions
- 🕸️ Cross-check with third-party identity management services
🔭 Further with groups
We will link this data (i.e. relationships) on top of our digital identity management, see below:
🌌 Digital identities journey w. Neo4J
adriens for opt-nc ・ May 9 '23
💡 Group tuning & Minimum spanning tree
Having a large set of groups has an impact on performance. Getting this data as a graph makes it possible to use graph algorithms, such as minimum spanning tree, to see whether we can improve the group assignment design.
📷 Screenshots gallery
We often ask ourselves the same questions.
Below are some still screenshots of our experience:
🔬 Drilling down into someone's groups
⚖️ Member & Guest accounts
Guest users have default restricted directory permissions. They can manage their own profile, change their own password, and retrieve some information about other users, groups, and apps. However, they can't read all directory information. B2B guest users are not supported in Microsoft Teams shared channels.
Let's see how they are implemented:
// Groups of which the 2 agents and the 2 guests of GLIA are members
MATCH (a:AD_agent {name:"3004XXX"})-[ia:IS_MEMBER_OF]->(g:AD_group)
<-[ig:IS_MEMBER_OF]-(b:AD_agent {name:"2999XXX"})
OPTIONAL MATCH (gu:AD_guest {name:"pXXX"})-[ip:IS_MEMBER_OF]->(g)
OPTIONAL MATCH (gue:AD_guest {name:"dXXX"})-[id:IS_MEMBER_OF]->(g)
RETURN a,g,b,gu,gue,ia,ig,ip,id
🐘 Biggest groups
🏋️‍♂️ Account having the largest amount of groups
Belonging to a large number of groups can mean many things, so it is worth being able to analyze it.
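The two rankings named in the "Biggest groups" and "Account having the largest amount of groups" headings can be expressed as the Cypher queries below. This is an added example, not taken from the original post: it reuses the `AD_agent`, `AD_guest`, `AD_group` labels and the `IS_MEMBER_OF` relationship from the query above, and assumes that groups carry a `name` property like accounts do. Only direct memberships are counted, and the `LIMIT` values are arbitrary.

```cypher
// Added example: biggest groups, with the share of guest accounts in each.
// Assumption: AD_group nodes have a `name` property.
MATCH (g:AD_group)<-[:IS_MEMBER_OF]-(m)
WHERE m:AD_agent OR m:AD_guest
WITH g,
     count(DISTINCT m) AS members,
     // CASE yields null for non-guests, and count() ignores nulls
     count(DISTINCT CASE WHEN m:AD_guest THEN m END) AS guests
RETURN g.name AS group_name, members, guests
ORDER BY members DESC
LIMIT 20;

// Added example: accounts holding the largest number of direct group memberships.
// A guest near the top of this list deserves a closer look, since guests
// start from restricted directory permissions.
MATCH (acc)-[:IS_MEMBER_OF]->(g:AD_group)
WHERE acc:AD_agent OR acc:AD_guest
WITH acc, collect(DISTINCT g) AS groups
RETURN acc.name AS account,
       labels(acc) AS kind,
       size(groups) AS group_count,
       // first five group names, as a quick preview for the reviewer
       [grp IN groups | grp.name][..5] AS sample_groups
ORDER BY group_count DESC
LIMIT 20;
```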