-
Notifications
You must be signed in to change notification settings - Fork 19
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Worked on Security Account Manager (SAM) script and documentation
- Loading branch information
1 parent
f154c9f
commit 4516c69
Showing
13 changed files
with
384 additions
and
168 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,21 @@ | ||
# Terminal server client | ||
|
||
The most recent used (MRU) connnections of the Terminal server client can | ||
be found in the key: | ||
|
||
``` | ||
HKEY_CURRENT_USER\Software\Microsoft\Terminal Server Client\Default | ||
``` | ||
|
||
Values: | ||
|
||
Name | Data type | Description | ||
--- | --- | --- | ||
MRU# | REG_SZ | The most recently used connection. <br> Where # is a string in the form: "[0-9]+" | ||
|
||
The contents of MRU# is either an IP address, e.g. 192.168.16.60, or a hostname, e.g. computer.domain.com. | ||
|
||
## External Links | ||
|
||
* [How to Remove Entries from the Remote Desktop Connection Computer Box](https://docs.microsoft.com/en-US/troubleshoot/windows-server/remote/remove-entries-from-remote-desktop-connection-computer) | ||
|
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
46 changes: 46 additions & 0 deletions
46
docs/sources/security-accounts-manager-keys/Security-accounts-manager.md
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,46 @@ | ||
# Security Accounts Manager (SAM) | ||
|
||
The Security Accounts Manager (SAM) is stored in the key: | ||
|
||
``` | ||
HKEY_LOCAL_MACHINE\SAM\SAM | ||
``` | ||
|
||
Sub keys: | ||
|
||
Name | Description | ||
--- | --- | ||
Domains | Built-in and account domains | ||
RXACT | | ||
|
||
Values: | ||
|
||
Name | Data type | Description | ||
--- | --- | --- | ||
C | REG_BINARY | | ||
|
||
### C value data | ||
|
||
The C value data is variable of size and consists of: | ||
|
||
Offset | Size | Value | Description | ||
--- | --- | --- | --- | ||
0 | 2 | | <mark style="background-color: yellow">**Unknown (Format version?)**</mark> | ||
2 | 2 | | <mark style="background-color: yellow">**Unknown**</mark> | ||
4 | 4 | | <mark style="background-color: yellow">**Unknown (empty?)**</mark> | ||
8 | 4 | | <mark style="background-color: yellow">**Unknown data size**</mark> | ||
12 | 2 | | <mark style="background-color: yellow">**Unknown**</mark> | ||
14 | 2 | | <mark style="background-color: yellow">**Unknown**</mark> | ||
16 | ... | | <mark style="background-color: yellow">**Unknown data (security descriptor?)**</mark> | ||
|
||
#### Format version | ||
|
||
Value | Description | ||
--- | --- | ||
1 | Used in Windows NT 3.1 | ||
2 | Used in Windows NT 3.5 | ||
3 | Used in Windows NT 4 | ||
6 | Used in Windows 2000 | ||
7 | Used in Windows XP and later | ||
9 | Used in Windows Windows 11 | ||
|
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,9 @@ | ||
############################## | ||
Security accounts manager keys | ||
############################## | ||
|
||
.. toctree:: | ||
:maxdepth: 1 | ||
|
||
Security accounts manager <Security-accounts-manager> | ||
Domains <Domains> |
This file was deleted.
Oops, something went wrong.
This file was deleted.
Oops, something went wrong.
Oops, something went wrong.