Dumping NTDS warning message #329
Hi, I was wondering if anyone could tell me about the specific risks posed by dumping NTDS on a Windows Server 2019 Domain Controller as mentioned in this rather alarming warning message:

Line 264 in 7af9020

I've not been able to find anything specific to Windows Server 2019 crashing, and it wasn't present in prior versions of CME (which I've been able to use successfully). Is this message warning about general NTDS dumping risks or is there a specific reason it's singling out Windows Server 2019?
Because if the ntds database is hugggggge, using impacket lib will crash the DC. Therefore a warning is shown to avoid crashing the DC if you have no idea if the DC is huge or not :)

To avoid the crash, you simply dump a specific user or use the module ntdsutils.

More info on the crash: fortra/impacket#1436