Skip to content

Eguibar IT

Over a decade of expertise in Active Directory, infrastructure, and security. Deep dive into AD Tier Model, RBAC and PowerShell automation

  • Home
  • Microsoft
    • Windows Server
      • Static IPv6 Address in Windows Server
      • Windows Basic Monitoring Definition Guide
    • Active Directory
      • AD Delegation Model (RBAC) – Tier-Based Least‑Privilege Access
        • AD Delegation Model – Admin Area or Tier0
          • Building Admin Area (Tier0)
          • Delegating Admin Area (Tier0)
          • Configuring Admin Area (Tier0) with Powershell
        • Delegation Model – Servers Area or Tier1
        • Delegation Model – Sites Area or Tier2
      • Active Directory Tier Model– Secure Tier‑based Architecture
      • Role Based Access Control
      • PAW – Secure Admin Workstation for AD and Azure
      • Tier Model & Delegation Model questions
    • Hyper-V
  • AD-Paradigm
  • Other Assets
    • Network
    • TCP/IP
  • Powershell
    • Complete Housekeeping by using Powershell
      • New Random Password
      • Powershell Semi-Privileged user provisioning
      • Windows Server Core Disk Cleanup Alternative
      • Scheduled Task using gMSA
      • Managing Local Administrative Rights at Scale
      • Privileged User Management
      • Privileged Group Management
      • Privileged Computer Management
      • Semi-Privileged User Group Management
      • Privileged and Semi-Privileged Account Lifecycle
      • Service Account Management
    • Delegation Model PowerShell Scripts
      • EguibarIT PowerShell Module
      • EguibarIT.Delegation PowerShell Module AD Delegation Automation
      • EguibarIT.Housekeeping PowerShell Module for AD Housekeeping
  • AD Hyper-V LAB
    • Use Hyper-V and Powershell to provision new Virtual Machine
  • About

Group: Security Concern

Security topics, questions, answers, discussions and references around the model, and the security improvements that can be achieved.

Why do I need this model?

Why do I need this model? Because Active Directory is exposed, and don’t misunderstand this. It is exposed to persons, applications, services and networks, so there is a real risk to get it compromised. There are hundreds of details to […]

Read More

Is there an alternative to these models?

Not really. The model focuses on many “very old, but STILL valid” concepts, which help us to protect our directory. For example, having unpatched systems will render into vulnerable systems, and the only solution is to patch them, reducing the […]

Read More

Recent Posts

  • 0 (Zero) Admin Model
  • Least Privileged Access
  • Privileged and Semi-Privileged Users
  • Segregation of Duties
  • Logical Perimetral Security

Recent Comments

No comments to show.

Archives

  • April 2018
  • November 2017
  • October 2017
  • September 2017

Categories

  • Active Directory
  • AD Tier Model
  • Delegation Model
  • Security

Copyright 2025. All rights reserved.


Back To Top