{"id":120,"date":"2021-12-06T17:09:02","date_gmt":"2021-12-06T17:09:02","guid":{"rendered":"https:\/\/12stick.de\/?page_id=120"},"modified":"2026-05-06T07:23:03","modified_gmt":"2026-05-06T07:23:03","slug":"how-does-it-work","status":"publish","type":"page","link":"https:\/\/www.12beAdmin.com\/?page_id=120","title":{"rendered":"How does it work?"},"content":{"rendered":"\n<p>We stay on the common known&nbsp;<strong><a href=\"https:\/\/en.wikipedia.org\/wiki\/AGDLP\" target=\"_blank\" rel=\"noreferrer noopener\">AGDLP<\/a><\/strong>&nbsp;concept, also known as&nbsp;<strong>AGLP<\/strong>&nbsp;depending on the situation. We choose an Account&nbsp;<strong>(A)<\/strong>, we make it a member of a AD Global Group&nbsp;<strong>(G)<\/strong>, we integrate this group into the Local Group&nbsp;<strong>(L)<\/strong>&nbsp;Administrators on the machine and grant this group administrative Permissions&nbsp;<strong>(P)<\/strong>, by making it a member of the administrators.<\/p>\n\n\n\n<p>We will create an individual security group for each system inside our AD like %computername%-Admins. The user we choose will become a member of the individual group. The users password will be reset and the group membership will be cleaned up after ending the script.<\/p>\n\n\n\n<p>We will use group policy to integrate this group as a member of the local administrators.<\/p>\n\n\n\n<p>Everytime you need administrative rights on a target machine, you run\u00a0<strong>12beAdmin<\/strong>, type in the computername of your target and\u00a0<strong>12beAdmin<\/strong>\u00a0will generate a random password for your &#8222;%username%.someending&#8220; and make this account a member of the %computername%-Admins group for a (short) period of time.<\/p>\n\n\n\n<p><strong>12beAdmin <\/strong>is 100% Powershell scripting. We are running on the cmdlets  from the RSAT tools Active Directory Users and Computers and some general ones. The UI is build on XAML. No binary executable, no hidden code. <\/p>\n","protected":false},"excerpt":{"rendered":"<p>We stay on the common known&nbsp;AGDLP&nbsp;concept, also known as&nbsp;AGLP&nbsp;depending on the situation. We choose an Account&nbsp;(A), we make it a member of a AD Global Group&nbsp;(G), we integrate this group into the Local Group&nbsp;(L)&nbsp;Administrators on the machine and grant this group administrative Permissions&nbsp;(P), by making it a member of the administrators. We will create an &#8230; <a title=\"How does it work?\" class=\"read-more\" href=\"https:\/\/www.12beAdmin.com\/?page_id=120\" aria-label=\"Mehr Informationen \u00fcber How does it work?\">Weiterlesen<\/a><\/p>\n","protected":false},"author":2,"featured_media":0,"parent":0,"menu_order":0,"comment_status":"closed","ping_status":"closed","template":"","meta":{"footnotes":""},"class_list":["post-120","page","type-page","status-publish"],"_links":{"self":[{"href":"https:\/\/www.12beAdmin.com\/index.php?rest_route=\/wp\/v2\/pages\/120","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.12beAdmin.com\/index.php?rest_route=\/wp\/v2\/pages"}],"about":[{"href":"https:\/\/www.12beAdmin.com\/index.php?rest_route=\/wp\/v2\/types\/page"}],"author":[{"embeddable":true,"href":"https:\/\/www.12beAdmin.com\/index.php?rest_route=\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.12beAdmin.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=120"}],"version-history":[{"count":9,"href":"https:\/\/www.12beAdmin.com\/index.php?rest_route=\/wp\/v2\/pages\/120\/revisions"}],"predecessor-version":[{"id":290,"href":"https:\/\/www.12beAdmin.com\/index.php?rest_route=\/wp\/v2\/pages\/120\/revisions\/290"}],"wp:attachment":[{"href":"https:\/\/www.12beAdmin.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=120"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}