Tag Archives: active directory

ACL: Automate Active Directory Downloads

Here’s a way to automate the download of data from Active Directory (AD), specifically group members, into ACL using adfind and the ACL Execute command.

I’ll walk you through it step-by-step.

Even if you don’t use ACL, you might gain a better understanding of AD and LDAP in general….

Continue reading

Advertisements

1 Comment

Filed under ACL, Audit, How to..., Scripting (ACL), Technology, Written by Skyyler

Server Audit for the Dauntless

dauntless server auditIf you’re looking for an insightful server audit, and you’re dauntless, you might want to jump on this train.

First, why do you need to be dauntless?

Because you’re going to need to obtain your data from a number of different sources; the bigger your company, the more likely you’ll need to call on and question more than a handful of people.

Because comparing and tracking all the servers that are on one list, but not another can be a challenge.

Because it his highly LIKELY that you WILL find something and the server team will not be happy.

Continue reading

3 Comments

Filed under Audit, How to..., Security, Technology

What IT Auditors Ought to Know – and Don’t!

Here’s my list of IT/security basics that I think IT auditors ought to know. If you can’t understand and audit these items, you do not know enough about technology to avoid having the wool pulled over your irises (not matter how good an auditor you are). The list is in no particular order.

If you’re a CISA or CISSP and you don’t know the following, I think you have some work to do.

Continue reading

37 Comments

Filed under Audit, How to..., Security, Technology

SANS Audit Checklists

The SANS Audit Advice and Resources* website has a free checklists section:

6 VMWare Settings Every IT Auditor Should Know About

5 Things Every IT Auditor Needs to Know About: SSH Configuration

Continue reading

Leave a comment

Filed under Audit, Security

Windows Widows

I’m surprised at the number of IT auditors who don’t understand Windows and Active Directory (AD) accounts. I can understand auditors who aren’t familiar with Unix, but Windows? Perhaps too many financial auditors are crossing over from the Far Side.

Continue reading

Leave a comment

Filed under Audit