# Enumeration with ldapdomaindump

Once valid Active Directory credentials are obtained, one of the fastest ways to extract a wealth of domain information is using ldapdomaindump. This tool queries LDAP and generates organized reports of AD objects such as users, groups, computers, and policies.

```
sudo ldapdomaindump ldap(s)://10.0.2.18 -u 'MARVEL\fcastle' -p Password1!
```

## Use Case

- Quickly identify interesting accounts (e.g., service accounts, admin groups).
- Spot weaknesses in descriptions (like passwords accidentally stored in the “Description” field).
- Build a map of group memberships to target privileged users.