LDAP Active Directory - Group Enumeration

info Nessus Plugin ID 167251


Nessus was able to gain identity information from the remote LDAP server.


By using the search base gathered by plugin ID 25701 and the supplied credentials, Nessus was able to enumerate group identity data from Active Directory.

Note: The Active Directory Identity scan template and associated plugins are intended to be used with smaller AD deployments for purposes of preliminary analysis. Accurate preliminary analysis can be expected for AD deployments with up to 5000 users, groups or machines and incomplete results will be returned for larger AD deployments with Nessus, Security Center and Vulnerability Management.

Plugin Details

Severity: Info

ID: 167251

File Name: ldap_enum_group.nbin

Version: 1.56

Type: local

Agent: windows

Family: Windows

Published: 11/15/2022

Updated: 5/20/2024

Supported Sensors: Nessus Agent, Nessus

Vulnerability Information

Required KB Items: SMB/login_filled/0, ldap_enum/available