Skill

configuring-active-directory-tiered-model

From asi

Implements Microsoft's ESAE tiered administration model for Active Directory, covering Tier 0/1/2 separation, PAWs, administrative forests, authentication silos, and credential theft mitigation.

Python

security

authentication

npx claudepluginhub plurigrid/asi --plugin asi

Tool Access

This skill uses the workspace's default tool permissions.

Preview

Implement Microsoft's Enhanced Security Admin Environment (ESAE) tiered administration model for Active Directory. Covers Tier 0/1/2 separation, privileged access workstations (PAWs), administrative forest design, authentication policy silos, and credential theft mitigation.

SKILL.md

Similar Skills

configuring-active-directory-tiered-model

5.9k

Implements Microsoft's ESAE tiered model for Active Directory with Tier 0/1/2 separation, PAWs, authentication silos, and credential theft mitigation. For securing AD environments.

3 files

cybersecurity-skills

configuring-active-directory-tiered-model

Configures Microsoft ESAE Active Directory tiered admin model with Tier 0/1/2 separation, PAW workstations, management forests, authentication silos, and credential theft mitigations. For securing enterprise identity environments.

3 files

cybersecurity-skills-zh

implementing-conditional-access-policies-azure-ad

Configures Microsoft Entra ID (Azure AD) Conditional Access policies for zero trust access control, covering signal-based design, device compliance, risk-based authentication, and NIST integration.

asi

Stats

Parent Repo Stars16

Parent Repo Forks5

Last CommitApr 4, 2026

Actions

View Source View Plugin View on GitHub View README

Help us improve

Share bugs, ideas, or general feedback.

Configuring Active Directory Tiered Model

Overview

When to Use

When deploying or configuring configuring active directory tiered model capabilities in your environment

When establishing security controls aligned to compliance requirements

When building or improving security architecture for this domain

When conducting security assessments that require this implementation

Prerequisites

Familiarity with identity access management concepts and tools

Access to a test or lab environment for safe execution

Python 3.8+ with required dependencies installed

Appropriate authorization for any testing activities

Objectives

Implement comprehensive configuring active directory tiered model capability

Establish automated discovery and monitoring processes

Integrate with enterprise IAM and security tools

Generate compliance-ready documentation and reports

Align with NIST 800-53 access control requirements

Security Controls

Control

NIST 800-53

Description

Account Management

AC-2

Lifecycle management

Access Enforcement

AC-3

Policy-based access control

Least Privilege

AC-6

Minimum necessary permissions

Audit Logging

AU-3

Authentication and access events

Identification

IA-2

User and service identification

Verification

Implementation tested in non-production environment

Security policies configured and enforced

Audit logging enabled and forwarding to SIEM

Documentation and runbooks complete

Compliance evidence generated