en-US/about_DSInternals.help.txt

TOPIC
    about_DSInternals
 
SHORT DESCRIPTION
    The Directory Services Internals (DSInternals) PowerShell Module exposes
    several internal and undocumented features of Active Directory.
 
LONG DESCRIPTION
    The main features of the DSInternals PowerShell Module include:
    - Offline ntds.dit file manipulation, including hash dumping, password
    resets, group membership changes, SID History injection and
    enabling/disabling accounts.
    - Online password hash dumping through the Directory Replication Service
    Remote Protocol (MS-DRSR).
    - Active Directory password auditing that discovers accounts sharing the
    same passwords or having passwords in a public database like HaveIBeenPwned
    or in a custom dictionary.
    - Domain or local account password hash injection through the Security
    Account Manager Remote Protocol (MS-SAMR) or directly into the database.
    - LSA Policy modification through the Local Security Authority Remote
    Protocol (MS-LSAD / LSARPC).
    - Extracting credential roaming data and DPAPI domain backup keys, either
    online through MS-DRSR and LSARPC or offline from ntds.dit.
    - Bare-metal recovery of domain controllers from just IFM backups (ntds.dit
    + SYSVOL).
    - Password hash calculation, including NT hash, LM hash and kerberos keys.
 
NOTE
    Features exposed through these tools are not supported by Microsoft.
    Improper use might cause irreversible damage to domain controllers or
    negatively impact domain security.
 
SEE ALSO
    Get-ADDBAccount
    Get-ADReplAccount
    Test-PasswordQuality
    New-ADDBRestoreFromMediaScript
    ConvertTo-NTHash