
Gaining Domain Admin from Outside Active Directory - wolframio
https://markitzeroday.com/pass-the-hash/crack-map-exec/2018/03/04/da-from-outside-the-domain.html
======
Jaruzel
Although an interesting writeup, the failure here is that several machines had
the same local admin password.

In most responsible corporate deployments, the local admin account name and
the password are randomised during the machine build process, to prevent this
sort of attack. Doing this has been common practice for Active Directory
machine deployments for several years now.

(I've spent a large chunk of my career designing and deploying Windows
infrastructure.)

