Hidden User Account and OU in Active Directory

5 pts.
Active Directory
Microsoft Exchange
Windows 2000 Server
I am trying to find a "hidden" user account in active directory and cannot find it. I have already selected Advanced Features and it still isn't locatable. I know the user exists and can see that the account has been used to login to pcs, but when searching active directory it doesn't show up except under administrators, where it is ghosted. It is listed under a hidden ou that used to be viewable. This is on a server running Windows Server 2000. The current network admin did this, but he is being let go and I have been asked to find any hidden accounts he may have before they let him go. I need to be able to access the hidden OU that the account is under. Any help would be so very much appreciated.

Answer Wiki

Thanks. We'll let you know when a new response is added.

What rights do you have on the domain?

You may need to take over the old admins domain account to make sure that you can see the hidden OU.

You should be able to see all the OUs as a domain admin, but if the admin is sneaky enough he could hide an OU from you.

unfortunate that you have someone in your organization that is upset enough to do that. this is another case that if you are at the point that you need to let your IT staff go you must sever ties immediately and not let them linger around with admin rights. it will be tough to get around for a while but these problems are what happen when you let them stay. the above info is what you need to try. reset his account password and login as him. that way you would have his rights to the domain. he more than likely added the “domain admins” group to the ACL list of the OU and account and then put a DENY permission on the OU and account. so no matter what rights the group has they still can’t see it.

what you also need to do is get on the main router and change the password. and also check that router to see what accounts have VPN access to the network from outside. then reset ALL of those account passwords. more than likely he knows them or has them written down since he is being let go. better safe than sorry. in that case if something does go wrong you know he didn’t get in that way.

also you need to set all accounts on the domain to expire the passwords so everyone has to change their passwords. this is not going to go over well but you need to explain to management that he has already put in place items to circumvent your security and you need to fix them.

Discuss This Question:  

There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when members answer or reply to this question.

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to:

To follow this tag...

There was an error processing your information. Please try again later.

Thanks! We'll email you when relevant content is added and updated.


Share this item with your network: