configuring-active-directory-tiered-model

Solid

Implement Microsoft's Enhanced Security Admin Environment (ESAE) tiered administration model for Active Directory. Covers Tier 0/1/2 separation, privileged access workstations (PAWs), administrative f

AI & Automation 12,642 stars 1468 forks Updated today Apache-2.0

Install

View on GitHub

Quality Score: 97/100

Stars 20%
100
Recency 20%
100
Frontmatter 20%
70
Documentation 15%
94
Issue Health 10%
50
License 10%
100
Description 5%
100

Skill Content

# Configuring Active Directory Tiered Model ## Overview Implement Microsoft's Enhanced Security Admin Environment (ESAE) tiered administration model for Active Directory. Covers Tier 0/1/2 separation, privileged access workstations (PAWs), administrative forest design, authentication policy silos, and credential theft mitigation. ## When to Use - When deploying or configuring configuring active directory tiered model capabilities in your environment - When establishing security controls aligned to compliance requirements - When building or improving security architecture for this domain - When conducting security assessments that require this implementation ## Prerequisites - Familiarity with identity access management concepts and tools - Access to a test or lab environment for safe execution - Python 3.8+ with required dependencies installed - Appropriate authorization for any testing activities ## Objectives - Implement comprehensive configuring active directory tiered model capability - Establish automated discovery and monitoring processes - Integrate with enterprise IAM and security tools - Generate compliance-ready documentation and reports - Align with NIST 800-53 access control requirements ## Security Controls | Control | NIST 800-53 | Description | |---------|-------------|-------------| | Account Management | AC-2 | Lifecycle management | | Access Enforcement | AC-3 | Policy-based access control | | Least Privilege | AC-6 | Minimum necessary permissions | ...

Details

Author
mukul975
Repository
mukul975/Anthropic-Cybersecurity-Skills
Created
3 months ago
Last Updated
today
Language
Python
License
Apache-2.0

Similar Skills

Semantically similar based on skill content — not just same category

AI & Automation Solid

configuring-ldap-security-hardening

Harden LDAP directory services against common attacks including credential harvesting, LDAP injection, anonymous binding, and channel binding bypass. Covers LDAPS enforcement, channel binding, LDAP si

12,642 Updated today
mukul975
DevOps & Infrastructure Solid

implementing-conditional-access-policies-azure-ad

Configure Microsoft Entra ID (Azure AD) Conditional Access policies for zero trust access control. Covers signal-based policy design, device compliance requirements, risk-based authentication, named l

12,642 Updated today
mukul975
AI & Automation Solid

implementing-privileged-access-workstation

Design and implement Privileged Access Workstations (PAWs) with device hardening, just-in-time access, and integration with CyberArk or BeyondTrust for secure administrative operations.

12,642 Updated today
mukul975
AI & Automation Featured

auditing-azure-active-directory-configuration

Auditing Microsoft Entra ID (Azure Active Directory) configuration to identify risky authentication policies, overly permissive role assignments, stale accounts, conditional access gaps, and guest user risks using AzureAD PowerShell, Microsoft Graph API, and ScoutSuite.

12,642 Updated today
mukul975
AI & Automation Solid

performing-privileged-account-discovery

Discover and inventory all privileged accounts across enterprise infrastructure including domain admins, local admins, service accounts, database admins, cloud IAM roles, and application admin account

12,642 Updated today
mukul975