Join Log in
Score:0
Bob5421 avatar Server

Machine account or local user account

hm flag
Bob5421

I am working on an active directory environnement.

I am connected to a workstation as a local administrator. I have launched a powershell console and I have typed:

$Env:UserName

I have multiple workstations. Sometimes I can see the local administrator name and sometime I see the AD machine account.

This is strange because I can run powerview and query Active Directory as local administrator. How can this be possible ?

How can I swap (impersonate) between this local administrator account and AD machine user account ?

Thanks

39
0 + 6
cn flag
Greg Askew
What does `whoami /all` show?
0
Reply
Bob5421 avatar
hm flag
Bob5421
whoami displays informations about local administrator
0
Reply
Semicolon avatar
jo flag
Semicolon
A local administrative account running an elevated process will use the machine's credentials when accessing network resources.
0
Reply
Bernd Schwanenmeister avatar
au flag
Bernd Schwanenmeister
You should never see the machine name. Please try the same on a cmd shell with %username%. What @Semicolon says is surely incorrect. There is no automatic impersonation of the system account when accessing network resources - you will always be asked for credentials. If you are not asked, this implies that there are saved credentials for that resource present that are used automatically.
0
Reply
Semicolon avatar
jo flag
Semicolon
Indeed. It is a local administrative account -- acting as system - that would access the network resources using the machine's account.
0
Reply
us flag
twconnell
There is not enough information here about how OP is "connected" to these workstations. Is it interactive logon? Is it a PSSession? Is it some other remote administration tool like PsExec, dameware, or RDP? How would one reproduce the behavior is what I want to know.
0
Reply
ธงชาติไทย
Elon Musk
I sit in a Tesla and translated this thread with Ai:

mangohost

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.