# What is the Active Directory scan? ### Intro An Active Directory (AD) is a directory service provided by Microsoft operating systems. It enables the network administrator of a company to centralize user and machine authentication, manage permissions, and control access to network resources. When dealing with a company that has an AD, attackers aim to become the system administrator. By doing so, they gain control over all workstations and servers, allowing them to exploit the attack. ### How does it work? The AD scan uses the PingCastle tool to analyze the insured company's Active Directory configurations and assess their security level. It identifies: * Outdated objects: systems that are too old or obsolete; * Overly permissive trust relationships; * Overly permissive user permissions; * Anomalies, such as weak password policies. The scan results highlight potential vulnerabilities, classified into four levels: low, medium, high, and critical. If a vulnerability is detected, the necessary remediation steps are detailed by clicking on each misconfiguration. {% hint style="info" %} Two types of Active Directory coexist at Microsoft: * An on-premises Active Directory, analyzed by Stoïk Protect's Active Directory scan; * An Azure Cloud Active Directory, also called Entra ID, whose configurations are analyzed by Stoïk Protect's Cloud scan. {% endhint %} --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://docs.stoik.io/prevention-tools/what-is-the-active-directory-scan.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.