The Windows domain or Active Directory (АD) is a term describing a product made by Microsoft applied in the majority of enterprise networks. We can imagine AD as a structure holding the entire Windows ecosystem together, therefore, the security of entire internal network usually depends on the security of the domain. However, given the number of attack vectors, maintaining security of the domain is a major challenge, which is confirmed by our success with escalating domain administrator privileges in the vast majority of internal penetration testing activities. We in Hacking Lab will share the descriptions and resolutions of the challenges we are dealing with during these tests. Nevertheless, we do not see as significant only the attack as such, but also the remedial and preventive measures, which may present even greater challenge. Unfortunately, in many cases the systems remain vulnerable not because of the demanding character of security measures implementation, but due to the mere ignorance thereof.