Skip to comment form

    • Mitch Impey on August 11, 2017 at 8:45 am

    Hi Sean, I have benefited from your expertise for many years. Thanks very much !

    • SS on August 11, 2017 at 5:50 pm

    Is there a way to prevent authenticated folks who are not authorized from running these commands?

    1. Not built-in and working to get these blocked would be non-trivial. Not that this is the same type of data that authenticated users can gather via LDAP.
      Check out the PowerShell module “PowerView”: https://github.com/PowerShellMafia/PowerSploit/tree/master/Recon

      • Joonas on August 17, 2017 at 6:46 am

      There is a way to prevent cmdlets or functions for PS remote session. Look at Securing Privileged Access document from Microsoft. From there look at Just enough admin and you find how to restrict PS usage

Comments have been disabled.