configuring-active-directory-tiered-model
Implement Microsoft's Enhanced Security Admin Environment (ESAE) tiered administration model for Active Directory. Covers Tier 0/1/2 separation, privileged access workstations (PAWs), administrative f
Best use case
configuring-active-directory-tiered-model is best used when you need a repeatable AI agent workflow instead of a one-off prompt.
Implement Microsoft's Enhanced Security Admin Environment (ESAE) tiered administration model for Active Directory. Covers Tier 0/1/2 separation, privileged access workstations (PAWs), administrative f
Teams using configuring-active-directory-tiered-model should expect a more consistent output, faster repeated execution, less prompt rewriting.
When to use this skill
- You want a reusable workflow that can be run more than once with consistent structure.
When not to use this skill
- You only need a quick one-off answer and do not need a reusable workflow.
- You cannot install or maintain the underlying files, dependencies, or repository context.
Installation
Claude Code / Cursor / Codex
Manual Installation
- Download SKILL.md from GitHub
- Place it in
.claude/skills/configuring-active-directory-tiered-model/SKILL.mdinside your project - Restart your AI agent — it will auto-discover the skill
How configuring-active-directory-tiered-model Compares
| Feature / Agent | configuring-active-directory-tiered-model | Standard Approach |
|---|---|---|
| Platform Support | Not specified | Limited / Varies |
| Context Awareness | High | Baseline |
| Installation Complexity | Unknown | N/A |
Frequently Asked Questions
What does this skill do?
Implement Microsoft's Enhanced Security Admin Environment (ESAE) tiered administration model for Active Directory. Covers Tier 0/1/2 separation, privileged access workstations (PAWs), administrative f
Where can I find the source code?
You can find the source code on GitHub using the link provided at the top of the page.
SKILL.md Source
# Configuring Active Directory Tiered Model ## Overview Implement Microsoft's Enhanced Security Admin Environment (ESAE) tiered administration model for Active Directory. Covers Tier 0/1/2 separation, privileged access workstations (PAWs), administrative forest design, authentication policy silos, and credential theft mitigation. ## When to Use - When deploying or configuring configuring active directory tiered model capabilities in your environment - When establishing security controls aligned to compliance requirements - When building or improving security architecture for this domain - When conducting security assessments that require this implementation ## Prerequisites - Familiarity with identity access management concepts and tools - Access to a test or lab environment for safe execution - Python 3.8+ with required dependencies installed - Appropriate authorization for any testing activities ## Objectives - Implement comprehensive configuring active directory tiered model capability - Establish automated discovery and monitoring processes - Integrate with enterprise IAM and security tools - Generate compliance-ready documentation and reports - Align with NIST 800-53 access control requirements ## Security Controls | Control | NIST 800-53 | Description | |---------|-------------|-------------| | Account Management | AC-2 | Lifecycle management | | Access Enforcement | AC-3 | Policy-based access control | | Least Privilege | AC-6 | Minimum necessary permissions | | Audit Logging | AU-3 | Authentication and access events | | Identification | IA-2 | User and service identification | ## Verification - [ ] Implementation tested in non-production environment - [ ] Security policies configured and enforced - [ ] Audit logging enabled and forwarding to SIEM - [ ] Documentation and runbooks complete - [ ] Compliance evidence generated
Related Skills
pymc-bayesian-modeling
Bayesian modeling with PyMC. Build hierarchical models, MCMC (NUTS), variational inference, LOO/WAIC comparison, posterior checks, for probabilistic programming and inference.
performing-threat-modeling-with-owasp-threat-dragon
Use OWASP Threat Dragon to create data flow diagrams, identify threats using STRIDE and LINDDUN methodologies, and generate threat model reports for secure design review.
performing-directory-traversal-testing
Testing web applications for path traversal vulnerabilities that allow reading or writing arbitrary files on the server by manipulating file path parameters.
performing-active-directory-vulnerability-assessment
Assess Active Directory security posture using PingCastle, BloodHound, and Purple Knight to identify misconfigurations, privilege escalation paths, and attack vectors.
performing-active-directory-penetration-test
Conduct a focused Active Directory penetration test to enumerate domain objects, discover attack paths with BloodHound, exploit Kerberos weaknesses, escalate privileges via ADCS/DCSync, and demonstrate domain compromise.
performing-active-directory-forest-trust-attack
Enumerate and audit Active Directory forest trust relationships using impacket for SID filtering analysis, trust key extraction, cross-forest SID history abuse detection, and inter-realm Kerberos ticket assessment.
performing-active-directory-compromise-investigation
Investigate Active Directory compromise by analyzing authentication logs, replication metadata, Group Policy changes, and Kerberos ticket anomalies to identify attacker persistence and lateral movement paths.
performing-active-directory-bloodhound-analysis
Use BloodHound and SharpHound to enumerate Active Directory relationships and identify attack paths from compromised users to Domain Admin.
modelica
Modelica acausal equation-based multi-domain modeling via Wolfram Language. Chemputation-native simulation with automatic conservation laws. Lambda-Modelica bridge for string diagram semantics. Fixed point classification for 3-coloring/3-MATCH systems.
kuramoto-model
Coupled oscillators with sinusoidal coupling
implementing-threat-modeling-with-mitre-attack
Implements threat modeling using the MITRE ATT&CK framework to map adversary TTPs against organizational assets, assess detection coverage gaps, and prioritize defensive investments. Use when SOC teams need to align detection engineering with threat landscape, conduct threat assessments for new environments, or justify security tool procurement.
implementing-purdue-model-network-segmentation
Implement network segmentation based on the Purdue Enterprise Reference Architecture (PERA) model to separate industrial control system networks into hierarchical security zones from Level 0 physical process through Level 5 enterprise, enforcing strict traffic control between OT and IT domains.