ContainsIdentity

The ContainsIdentity relationship represents how an AD domain contains the identity of an AD account (user or computer).

Abuse Info

Control over the domain object enables an attacker to compromise all accounts of the domain. For example, DCSync, AllExtendedRights, or GenericAll permission on the domain object enables the attacker to perform a DCSync attack and obtain the credentials of any account of the domain. Refer to the inbound edges on the domain node for more details.

Opsec Considerations

There is no opsec information for this edge.

References

Mimikatz DCSync Usage, Exploitation, and Detection

Get Started with BloodHound

Install a Data Collector

Collect Data

OpenGraph

Analyze Attack Path Data

Manage BloodHound

API & Integrations

Resources

Abuse Info

Opsec Considerations

References

Get Started with BloodHound

Install a Data Collector

Collect Data

OpenGraph

Analyze Attack Path Data

Manage BloodHound

API & Integrations

Resources

​Abuse Info

​Opsec Considerations

​References

Abuse Info

Opsec Considerations

References