troubleshooting Question

local admin rights risk on innocuous server

Avatar of Pau Lo
Pau Lo asked on
SecurityWindows OSActive DirectoryOS Security
1 Comment1 Solution27 ViewsLast Modified:
Is it a reasonable assumption to make, that if a user has been granted local admin rights to a windows server in a domain, that technically they could use that access, albeit on a single server in this case, to compromise other servers across the domain? And if so what specific attack paths may they use with their admin rights to a single server?
I have noted during an audit of admin rights across systems joined to the domain, that some accounts have admin rights on individual domain joined servers. The servers themselves don’t host any sensitive data, or run live applications or critical processes etc, and as such there is a perception that there is little risk associated with this. I was hoping to tap into your views as whether my theory that this is actually a dangerous starting point if they had malicious plans, or if you feel the risk is actually fairly low? Or any other risk factors to consider, e.g. ransomware propagation?
Join the community to see this answer!
Join our exclusive community to see this answer & millions of others.
Unlock 1 Answer and 1 Comment.
Join the Community
Learn from the best

Network and collaborate with thousands of CTOs, CISOs, and IT Pros rooting for you and your success.

Andrew Hancock - VMware vExpert
See if this solution works for you by signing up for a 7 day free trial.
Unlock 1 Answer and 1 Comment.
Try for 7 days

”The time we save is the biggest benefit of E-E to our team. What could take multiple guys 2 hours or more each to find is accessed in around 15 minutes on Experts Exchange.

-Mike Kapnisakis, Warner Bros