diff --git a/docs/collect-data/enterprise-collection/ad-hoc-collection.mdx b/docs/collect-data/enterprise-collection/ad-hoc-collection.mdx index a4f990a..6f42b63 100644 --- a/docs/collect-data/enterprise-collection/ad-hoc-collection.mdx +++ b/docs/collect-data/enterprise-collection/ad-hoc-collection.mdx @@ -34,7 +34,7 @@ SharpHound CE collects the same data as SharpHound Enterprise since they both us * Learn about collection methods and flags: * [SharpHound Community Edition](/collect-data/ce-collection/sharphound) * [All SharpHound Community Edition Flags, Explained](/collect-data/ce-collection/sharphound-flags) - * [SharpHound Enterprise Data Collection and Permissions](/collect-data/enterprise-collection/permissions) + * [SharpHound Data Collection and Permissions](/collect-data/permissions) 3. Start the collection ``` .\SharpHound.exe -c DCOnly diff --git a/docs/collect-data/enterprise-collection/collection-schedule.mdx b/docs/collect-data/enterprise-collection/collection-schedule.mdx index 7d93528..c0fa657 100644 --- a/docs/collect-data/enterprise-collection/collection-schedule.mdx +++ b/docs/collect-data/enterprise-collection/collection-schedule.mdx @@ -36,7 +36,7 @@ Generally, Azure and Active Directory Structure do not change significantly enou 5. In the _Schedule_ window, configure the schedule: * **Start Date**: The time on which the first collection should run * **Frequency**: The frequency of the schedule - * **Data**: The type of data the schedule collects, see [SharpHound Enterprise Data Collection and Permissions](/collect-data/enterprise-collection/permissions) + * **Data**: The type of data the schedule collects, see [SharpHound Data Collection and Permissions](/collect-data/permissions) * **Advanced Options**: See the [Scanning section in the article SharpHound Enterprise Tenant Configuration](/install-data-collector/install-sharphound/tenant-configuration) 
diff --git a/docs/collect-data/enterprise-collection/on-demand-scan.mdx b/docs/collect-data/enterprise-collection/on-demand-scan.mdx index 4d93ac8..a0886fb 100644 --- a/docs/collect-data/enterprise-collection/on-demand-scan.mdx +++ b/docs/collect-data/enterprise-collection/on-demand-scan.mdx @@ -29,7 +29,7 @@ This article outlines how to run an On Demand Scan to perform a one-time immedia 4. In the _On Demand Scan_ window, configure the scan: - 1. **Data**: The type of data the schedule collects, see [SharpHound Enterprise Data Collection and Permissions](/collect-data/enterprise-collection/permissions) + 1. **Data**: The type of data the schedule collects, see [SharpHound Data Collection and Permissions](/collect-data/permissions) 2. **Advanced Options**: See the [Scanning section in the article SharpHound Enterprise Tenant Configuration](/install-data-collector/install-sharphound/tenant-configuration) diff --git a/docs/collect-data/enterprise-collection/overview.mdx b/docs/collect-data/enterprise-collection/overview.mdx index d9d8b79..7e6e69c 100644 --- a/docs/collect-data/enterprise-collection/overview.mdx +++ b/docs/collect-data/enterprise-collection/overview.mdx @@ -7,7 +7,6 @@ description: "Learn about attack path data collection in BloodHound Enterprise." - Promoted article Promoted article diff --git a/docs/collect-data/overview.mdx b/docs/collect-data/overview.mdx index 2cb7b8e..ad52ee0 100644 --- a/docs/collect-data/overview.mdx +++ b/docs/collect-data/overview.mdx @@ -8,7 +8,6 @@ description: "Learn how to run attack path data collection and ingestion." ## BloodHound Enterprise Collection - diff --git a/docs/collect-data/enterprise-collection/permissions.mdx b/docs/collect-data/permissions.mdx similarity index 84% rename from docs/collect-data/enterprise-collection/permissions.mdx rename to docs/collect-data/permissions.mdx index be0dbfb..362fc86 100644 --- a/docs/collect-data/enterprise-collection/permissions.mdx +++ b/docs/collect-data/permissions.mdx 
@@ -1,27 +1,35 @@ --- -title: SharpHound Enterprise Data Collection and Permissions +title: SharpHound Data Collection and Permissions +sidebarTitle: Collection Permissions +mode: wide +description: "Learn how to collect data." --- -Applies to BloodHound Enterprise only +Applies to BloodHound Enterprise and CE -SharpHound Enterprise data collection utilizes the open-source [SharpHound Common](https://github.com/BloodHoundAD/SharpHoundCommon) library, maintained by the BloodHound Enterprise Engineering team. +SharpHound data collection utilizes the open-source [SharpHound Common](https://github.com/BloodHoundAD/SharpHoundCommon) library, maintained by the BloodHound Enterprise Engineering team. -In BloodHound Enterprise you can start scans for different data types via a [collection schedule](/collect-data/enterprise-collection/collection-schedule) or an [on-demand scan](/collect-data/enterprise-collection/on-demand-scan), the data types are: +In BloodHound Enterprise you can start scans for different data types via a [collection schedule](/collect-data/enterprise-collection/collection-schedule) or an [on-demand scan](/collect-data/enterprise-collection/on-demand-scan). +With BloodHound Community Edition, you run scans by [running the executable itself](/collect-data/ce-collection/sharphound). 
-* [Active Directory Structure Data](/collect-data/enterprise-collection/permissions#ad-structure-data) +The data types are: + +* [Active Directory Structure Data](/collect-data/permissions#ad-structure-data) * _Local Groups_, collecting: - * [Local Group Membership](/collect-data/enterprise-collection/permissions#local-group-membership) - * [User Rights Assignments](/collect-data/enterprise-collection/permissions#user-rights-assignments) -* [Sessions](/collect-data/enterprise-collection/permissions#sessions) -* [Certificate Services](/collect-data/enterprise-collection/permissions#certificate-services) -* [DC Registry](/collect-data/enterprise-collection/permissions#dc-registry) -* [CA Registry](/collect-data/enterprise-collection/permissions#ca-registry) + * [Local Group Membership](/collect-data/permissions#local-group-membership) + * [User Rights Assignments](/collect-data/permissions#user-rights-assignments) +* [Sessions](/collect-data/permissions#sessions) +* [Certificate Services](/collect-data/permissions#certificate-services) +* [DC Registry](/collect-data/permissions#dc-registry) +* [CA Registry](/collect-data/permissions#ca-registry) Local Groups and Sessions can only be collected from domain-joined Windows systems, and require privileged collection to be configured, see [Why perform privileged collection in SharpHound](/collect-data/enterprise-collection/privileged-collection). This collection helps understand Attack Paths to individual systems based on non-centralized configurations. ## AD Structure Data -Information about the objects and relationships within your Active Directory environment makes up the basic information necessary to identify attack paths within your environment. This information includes: +Information about the objects and relationships within your Active Directory environment makes up the basic information necessary to identify attack paths within your environment. + +This information includes: * Domain trusts. 
* Object properties of users, groups, computers, GPOs, OUs containers, and Domain objects. @@ -93,7 +101,7 @@ SharpHound collects this information utilizing signed LDAP queries against a dom By default, all Authenticated Users can enumerate almost all Certificate Services data utilized by BloodHound Enterprise. -Two additional types of data can enhance the findings - [DC Registry](/collect-data/enterprise-collection/permissions#dc-registry) and [CA Registry](/collect-data/enterprise-collection/permissions#ca-registry). +Two additional types of data can enhance the findings - [DC Registry](/collect-data/permissions#dc-registry) and [CA Registry](/collect-data/permissions#ca-registry). ## DC Registry diff --git a/docs/docs.json b/docs/docs.json index a73bc8b..f60b728 100644 --- a/docs/docs.json +++ b/docs/docs.json @@ -81,11 +81,11 @@ "group": "Collect Data", "pages": [ "collect-data/overview", + "collect-data/permissions", { "group": "BloodHound Enterprise Collection", "pages": [ "collect-data/enterprise-collection/overview", - "collect-data/enterprise-collection/permissions", "collect-data/enterprise-collection/data-retention", "collect-data/enterprise-collection/ad-hoc-collection", "collect-data/enterprise-collection/on-demand-scan", diff --git a/docs/get-started/security-boundaries/enterprise-security-overview.mdx b/docs/get-started/security-boundaries/enterprise-security-overview.mdx index 454e2b9..e9bad29 100644 --- a/docs/get-started/security-boundaries/enterprise-security-overview.mdx +++ b/docs/get-started/security-boundaries/enterprise-security-overview.mdx 
@@ -184,7 +184,7 @@ This information is available from the API of a running BloodHound Enterprise en ## Data Collection Overview -For SharpHound, see [SharpHound Data Collection and Permissions](/collect-data/enterprise-collection/permissions). +For SharpHound, see [SharpHound Data Collection and Permissions](/collect-data/permissions). For AzureHound, see [AzureHound Enterprise System Requirements and Deployment Process](/install-data-collector/install-azurehound/system-requirements). diff --git a/docs/install-data-collector/install-sharphound/system-requirements.mdx b/docs/install-data-collector/install-sharphound/system-requirements.mdx index c870657..6ec1b12 100644 --- a/docs/install-data-collector/install-sharphound/system-requirements.mdx +++ b/docs/install-data-collector/install-sharphound/system-requirements.mdx @@ -46,7 +46,7 @@ To collect Active Directory data with SharpHound and ingest it into BloodHound f * \[Optional\] If performing privileged collection (see [Why perform privileged collection in SharpHound](/collect-data/enterprise-collection/privileged-collection)) * SMB/RPC on 445/TCP to all in-scope domain-joined Windows systems * Approximately 60-100kB network bandwidth per collection to each in-scope domain-joined Windows system -* \[Optional\] If performing DC Registry and DC Registry collection (see [DC Registry and CA Registry details](/collect-data/enterprise-collection/permissions#01HR6PT0BG44W65EJJ0WE4H63V)) +* \[Optional\] If performing DC Registry and DC Registry collection (see [DC Registry and CA Registry details](/collect-data/permissions#01HR6PT0BG44W65EJJ0WE4H63V)) * SMB/RPC on 445/TCP to all DCs and domain-joined CAs ## Service Account Requirements 
@@ -57,10 +57,10 @@ The SharpHound Enterprise service will run as a domain-joined account and will u * Granted "Log on as a service" User Rights Assignment on the SharpHound Enterprise server * \[Optional\] If performing privileged collection (see [Why perform privileged collection in SharpHound](/collect-data/enterprise-collection/privileged-collection)) * Member of the local Administrators group on all in-scope domain-joined Windows systems -* \[Optional\] If performing DC Registry and DC Registry collection (see [DC Registry and CA Registry details](/collect-data/enterprise-collection/permissions)) +* \[Optional\] If performing DC Registry and DC Registry collection (see [DC Registry and CA Registry details](/collect-data/permissions)) * Member of the local Administrators group on all domain controllers and domain-joined certificate authorities * \[Optional\]: If Active Directory tombstoning is enabled * Read privileges to the Deleted Objects container (see [How to let non-administrators view the Active Directory deleted objects container](https://learn.microsoft.com/en-us/troubleshoot/windows-server/identity/non-administrators-view-deleted-object-container)) -See [SharpHound Data Collection and Permissions](/collect-data/enterprise-collection/permissions) for comprehensive requirement information. +See [SharpHound Data Collection and Permissions](/collect-data/permissions) for comprehensive requirement information. diff --git a/docs/install-data-collector/install-sharphound/tenant-configuration.mdx b/docs/install-data-collector/install-sharphound/tenant-configuration.mdx index 932aacf..857f500 100644 --- a/docs/install-data-collector/install-sharphound/tenant-configuration.mdx +++ b/docs/install-data-collector/install-sharphound/tenant-configuration.mdx 
@@ -46,7 +46,7 @@ Both the On Demand Scan option and the schedule window provide the same options | **Option** | **Description** | | --- | --- | -| Data (Required) | Multi-select option for the different types of collection available. See [SharpHound Data Collection and Permissions](/collect-data/enterprise-collection/permissions) for details on the data collected and permissions necessary for each. | +| Data (Required) | Multi-select option for the different types of collection available. See [SharpHound Data Collection and Permissions](/collect-data/permissions) for details on the data collected and permissions necessary for each. | | Domain controller | By default, SharpHound automatically selects a Domain Controller for LDAP queries. Specifying a Domain Controller hostname or FQDN here will define the default value utilized on this schedule.

If not set, SharpHound will utilize the value set in the client configuration.

We recommend not configuring a Domain Controller manually. | | Target Local Group and/or User Session Collection by Organizational Unit | Define one or more OUs within a domain to only collect Local Group and Session data from computers contained within the specified OUs and their descendants.

If left empty, SharpHoun_d will collect from all OUs._

If defined, the schedule or On Demand Scan will not collect AD structure data. A dedicated schedule or On Demand Scan must therefore be created for AD structure collection.

_Note: Not supported with multi-domain collections._ | | Scope Collection to Multiple Domains | Utilize trust relationships in your environment to collect data from multiple domains.

If left empty, SharpHound will collect from the domain to which the Service Account belongs.

SharpHound supports two options:

* Define a specific list of domains from which to collect data.
* Collect data from all domains within the forest that the SharpHound service account belongs.

_Note: Multi-domain collections cannot be scoped by OU._ | diff --git a/docs/install-data-collector/install-sharphound/troubleshooting.mdx b/docs/install-data-collector/install-sharphound/troubleshooting.mdx index 3772d83..125fe63 100644 --- a/docs/install-data-collector/install-sharphound/troubleshooting.mdx +++ b/docs/install-data-collector/install-sharphound/troubleshooting.mdx @@ -4,7 +4,7 @@ title: Troubleshoot Local Collection Coverage Applies to BloodHound Enterprise and CE -SharpHound collects data from domain-joined systems utilizing SMB/RPC on port 445/TCP and requires the account running SharpHound (e.g., the SharpHound Enterprise gMSA) to have local administrator membership on each system in scope, see [SharpHound Data Collection and Permissions](/collect-data/enterprise-collection/permissions). +SharpHound collects data from domain-joined systems utilizing SMB/RPC on port 445/TCP and requires the account running SharpHound (e.g., the SharpHound Enterprise gMSA) to have local administrator membership on each system in scope, see [SharpHound Data Collection and Permissions](/collect-data/permissions). This article can assist in troubleshooting why a local collection is not successful for all systems in scope.
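Review bot: in docs/collect-data/enterprise-collection/on-demand-scan.mdx (hunk at -29,7) the edited **Data** item sits under "In the _On Demand Scan_ window, configure the scan" but still reads "The type of data the schedule collects". Since the line is being touched anyway, change "schedule" to "scan" so the step matches the window it documents.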
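Review bot: in docs/collect-data/permissions.mdx the banner becomes "Applies to BloodHound Enterprise and CE", but unchanged text in the same file still speaks only of Enterprise. The context of the -93,7 hunk says Certificate Services data is "utilized by BloodHound Enterprise", and the Local Groups paragraph still links to /collect-data/enterprise-collection/privileged-collection. Either reword these for both editions or mark them as Enterprise-specific, so a CE reader knows which permission requirements apply to them. The new frontmatter `description: "Learn how to collect data."` also does not mention permissions, which is the subject of the page; a description naming the permissions each collection type needs would serve search and the sidebar better.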
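Review bot: the rename from docs/collect-data/enterprise-collection/permissions.mdx to docs/collect-data/permissions.mdx is accompanied by a docs/docs.json hunk (-81,11) that only moves the navigation entry. Nothing visible in this patch keeps the old URL /collect-data/enterprise-collection/permissions resolving. If the docs site supports redirects, add one in this change so existing bookmarks and external references to the permissions page do not break.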
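Review bot: in docs/install-data-collector/install-sharphound/system-requirements.mdx (hunk at -46,7) the rewritten link carries over the opaque fragment `#01HR6PT0BG44W65EJJ0WE4H63V`, while every other link this patch updates uses slug anchors such as `#dc-registry` and `#ca-registry`. Confirm the fragment still resolves on the moved page, or point the link at `/collect-data/permissions#dc-registry`. The same bullet, and its counterpart in the -57,10 hunk, reads "DC Registry and DC Registry collection"; given the link text "DC Registry and CA Registry details", this looks like it should be "DC Registry and CA Registry collection" and is worth fixing while both lines are open.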