> ## Documentation Index
> Fetch the complete documentation index at: https://specterops-bp-2641-crowdstrike-integration.mintlify.site/llms.txt
> Use this file to discover all available pages before exploring further.

# DCFor

> This edge indicates that the computer is a domain controller for the domain. This edge is not created for read-only domain controllers.

<img noZoom src="https://mintcdn.com/specterops-bp-2641-crowdstrike-integration/_rZ1zFkP5xLBuV5I/assets/enterprise-AND-community-edition-pill-tag.svg?fit=max&auto=format&n=_rZ1zFkP5xLBuV5I&q=85&s=2b8e51d7e5a52c262dd70a93b9024f7e" alt="Applies to BloodHound Enterprise and CE" width="482" height="45" data-path="assets/enterprise-AND-community-edition-pill-tag.svg" />

## Abuse Info

Domain Controllers store all Active Directory credentials and configurations for all principals in the domain. If an adversary gains administrative access to a Domain Controller, there are several options at their disposal for compromising domain identities and domain-managed systems. Please see the references section for more information.

## Opsec Considerations

Domain Controllers are universally among the most sensitive systems in Active Directory, and are often closely monitored by defenders. Attacks that rely on administrative access to a domain controller may produce artifacts that defenders will see as reliable and urgent indicators of compromise.

## Edge Schema

Source: [Domain](/resources/nodes/domain)\
Destination: [Domain](/resources/nodes/domain)\
Traversable: **Yes**

## References

### Abuse and Opsec references

* [Beyond Domain Admins](https://adsecurity.org/?p=3700)
