Active Directory Basics - TryHackMe Walkthrough — ComplexSec (2023)

Written By ComplexSec

The link for this lab is located here:

In this room, we will give an introduction to Active Directory - a staple in modern networks and widely used in large corporate networks.

Task 1 - Introduction

Active Directory is the directory service for Windows Domain Networks used by many top companies and is vital to understand when attacking Windows. It is recommended to have knowledge of basic network services, Windows, networking and PowerShell.

Active Directory is a collection of machines and servers connected inside of domains that are a collective part of a bigger forest of domains that make up the AD network. AD contains many functioning bits and pieces:

  • Domain Controllers

  • Forests, Trees, Domains

  • Users + Groups

  • Trusts

  • Policies

  • Domain Services

The majority of large companies use AD because it allows for the control of their users' computers through a single domain controller. It allows a single user to sign in to any computer on the AD network and have access to their files and folders as well as local storage on that machine.

This allows for any user in the company to use any machine that the company owns, without having to set up multiple users on a machine.

Task 2 - Physical Active Directory

The physical AD is the servers and machines on-premise - anything from domain controllers and storage servers to domain user machines. In short, it is everything needed for an AD environment besides the software.

A domain controller is a Windows server that has AD Domain Services (AD DS) installed and has been promoted to a domain controller in the forest. Domain controllers are the center of AD - they control the rest of the domain and much more such as:

The AD DS holds the databases and processes needed to store and manage directory information such as users, groups and services. Below is an outline of some of the contents and characteristics of the AD DS Data Store:

  • Contains the NTDS.dit - database that contains ALL information of an AD domain controller as well as password hashes for domain users

  • Stored by default in %SystemRoot%\NTDS

  • Accessible only by the domain controller


Q1: What database does the AD DS contain? A: NTDS.dit

Q2: Where is the NTDS.dit stored? A: %SystemRoot%\NTDS.dit

Q3: What type of machine can be a domain controller? A: Windows Server

Task 3 - The Forest

The forest is what defines everything - it is the container that holds all of the other bits and pieces of the network together. Without the forest, all of the other trees and domains would NOT be able to interact.

A forest is a collection of one or more domain trees inside of an AD network. It is what categorizes the parts of the network as a whole. The forest consists of these parts:

  • Trees - a hierarchy of domains in AD DS

  • Domains - used to group and manage objects

  • Organizational Units (OU) - containers for groups, computers, users, printers, and other OUs

  • Trusts - allows users to access resources in other domains

  • Objects - users, groups, printers, computers, shares

  • Domain Services - DNS Server, LLMNR, IPv6

  • Domain Schema - Rules for object creation


Q1: What is the term for a hierarchy of domains in a network? A: Tree

Q2: What is the term for the rules for object creation? A: Domain Schema

Q3: What is the term for containers for groups, computers, users, printers, and other OUs? A: Organizational Units

Task 4 - Users + Groups

The users and groups that are inside of an AD are up to you; when you create a domain controller, it comes with default groups and two default users (Administrator and Guest).

Users are the core to AD. There are four main types of users you will find in AD networks; however, there can be more depending on how a company manages the permissions of users:

  • Domain Admins - they control the domains and are the only ones with access to the domain controller

  • Service Accounts (can be domain admins) - these are never used except for service maintenance, they are required by Windows for services such as SQL to pair a service with a service account

  • Local Administrators - can make changes to local machines as an admin and may control other normal users, but cannot access the domain controller

  • Domain Users - everyday users, can log in to machines they have authorization to access and may have local admin rights to machines depending on the organization

Groups make it easier to give permissions to users and objects by organizing them into groups with specific permissions. There are two overarching types of AD groups:

  • Security Groups - used to specify permissions for a large number of users

  • Distribution Groups - used to specify email distribution lists

There are a lot of default security groups:

  • Domain Controllers - All domain controllers in the domain

  • Domain Guests - All domain guests

  • Domain Users - All domain users

  • Domain Computers - All workstations and servers joined to the domain

  • Domain Admins - Designated administrators of the domain

  • Enterprise Admins - Designated administrators of the enterprise

  • Schema Admins - Designated administrators of the schema

  • DNS Admins - DNS Administrators Group

  • DNS Update Proxy - DNS clients who are permitted to perform dynamic updates on behalf of some other clients (such as DHCP servers).

  • Allowed RODC Password Replication Group - Members in this group can have their passwords replicated to all read-only domain controllers in the domain

  • Group Policy Creator Owners - Members in this group can modify group policy for the domain

  • Denied RODC Password Replication Group - Members in this group cannot have their passwords replicated to any read-only domain controllers in the domain

  • Protected Users - Members of this group are afforded additional protections against authentication security threats. See for more information.

  • Cert Publishers - Members of this group are permitted to publish certificates to the directory

  • Read-Only Domain Controllers - Members of this group are Read-Only Domain Controllers in the domain

  • Enterprise Read-Only Domain Controllers - Members of this group are Read-Only Domain Controllers in the enterprise

  • Key Admins - Members of this group can perform administrative actions on key objects within the domain.

  • Enterprise Key Admins - Members of this group can perform administrative actions on key objects within the forest.

  • Cloneable Domain Controllers - Members of this group that are domain controllers may be cloned.

  • RAS and IAS Servers - Servers in this group can access remote access properties of users


Q1: Which type of groups specify user permissions? A: Security Groups

Q2: Which group contains all workstations and servers joined to the domain? A: Domain Computers

Q3: Which group can publish certificates to the directory? A: Cert Publishers

Q4: Which user can make changes to a local machine but not to a domain controller? A: Local Administrator

Q5: Which group has their passwords replicated to read-only domain controllers? A: Allowed RODC Password Replication Group

Task 5 - Trusts + Policies

Trusts and policies go hand in hand to help the domain and trees communicate with each other and maintain security inside of the network. They put the rules in place of how the domains inside of a forest can interact with each other, how an external forest can interact with the forest and the overall domain rules or policies that a domain MUST follow.

Trusts are a mechanism in place for users in the network to gain access to other resources in the domain. For the most part, trusts outline the way that the domains inside of a forest communicate with each other. In some environments, trusts can be extended out to external domains and even forests.

There are two types of trusts that determine how the domains communicate:

  • Directional - The direction of the trust flows from a trusting domain to a trusted domain

  • Transitive - the trust relationship expands beyond just two domains to include other trusted domains

The type of trusts determines how the domains and trees in a forest are able to communicate and send data to and from each other. When attacking an AD environment, you can sometimes abuse these trusts in order to move laterally throughout the network.
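The two trust properties above can be turned into a review check: given a list of trusts, which domains' users can reach resources in a given domain? The following is an added example, not part of the original walkthrough; the function name `Get-DomainsWithAccess`, the record layout and the `*.example` domains are hypothetical, and it models only direction and transitivity.

```powershell
# Added example: constructed trust list, not data from the lab.
# Each record is ONE one-way trust; a two-way trust would be two records.
#   Trusting   = domain that owns the resources
#   Trusted    = domain whose users are allowed in
#   Transitive = whether the trust may be extended through further trusts
$SampleTrusts = @(
    [pscustomobject]@{ Trusting = 'corp.example';        Trusted = 'eu.corp.example';     Transitive = $true  }
    [pscustomobject]@{ Trusting = 'eu.corp.example';     Trusted = 'lab.eu.corp.example'; Transitive = $true  }
    [pscustomobject]@{ Trusting = 'corp.example';        Trusted = 'partner.example';     Transitive = $false }
    [pscustomobject]@{ Trusting = 'partner.example';     Trusted = 'vendor.example';      Transitive = $true  }
    # A trust pointing back to the start, so the walk has to cope with a cycle.
    [pscustomobject]@{ Trusting = 'lab.eu.corp.example'; Trusted = 'corp.example';        Transitive = $true  }
)

function Get-DomainsWithAccess {
    # Hypothetical helper: lists every domain whose users can be granted access
    # to resources in $ResourceDomain, and how that access arises.
    param(
        [Parameter(Mandatory)] [string]   $ResourceDomain,
        [Parameter(Mandatory)] [object[]] $Trusts
    )

    $reached = @{}                      # PowerShell hashtables are case-insensitive
    $visited = @{ $ResourceDomain = $true }
    $queue   = [System.Collections.Generic.Queue[string]]::new()
    $queue.Enqueue($ResourceDomain)

    # Pass 1: breadth-first walk over transitive trusts only. A chain of two or
    # more hops is honoured only if every link in it is transitive.
    while ($queue.Count -gt 0) {
        $current = $queue.Dequeue()
        foreach ($t in $Trusts) {
            if ($t.Trusting -ne $current -or -not $t.Transitive) { continue }
            if ($visited.ContainsKey($t.Trusted)) { continue }   # already seen (or a cycle)
            $visited[$t.Trusted] = $true
            $reached[$t.Trusted] = if ($current -eq $ResourceDomain) {
                'direct (transitive)'
            } else {
                "chained via $current"
            }
            $queue.Enqueue($t.Trusted)
        }
    }

    # Pass 2: direct non-transitive trusts admit the trusted domain itself,
    # but are never extended to the domains that it trusts in turn.
    foreach ($t in $Trusts) {
        if ($t.Trusting -eq $ResourceDomain -and -not $t.Transitive -and
            -not $reached.ContainsKey($t.Trusted)) {
            $reached[$t.Trusted] = 'direct (non-transitive)'
        }
    }

    foreach ($name in ($reached.Keys | Sort-Object)) {
        [pscustomobject]@{ Domain = $name; Path = $reached[$name] }
    }
}

Get-DomainsWithAccess -ResourceDomain 'corp.example' -Trusts $SampleTrusts |
    Format-Table -AutoSize
```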

Policies dictate how the server operates and what rules it will and will NOT follow. They act as a rulebook for AD that a domain admin can modify and alter as they deem necessary to keep the network running smoothly and securely. Along with the long list of default domain policies, domain admins can choose to add in their own policies not already on the DC.

The options for domain policies are endless and are a big factor for attackers when enumerating AD networks.


Q1: What type of trust flows from a trusting domain to a trusted domain? A: Directional

Q2: What type of trusts expands to include other trusted domains? A: Transitive

Task 6 - Active Directory Domain Services + Authentication

The AD DS are the core functions of an AD network - they allow for management of the domain, security certificates, LDAPs and more. This is how the domain controller decides what it wants to do and what services it wants to provide for the domain.

Domain Services are services that the DC provides to the rest of the domain or tree. There is a wide range of various services that can be added to a domain controller. Some default domain services are:

  • LDAP - provides communication between apps and directory services

  • Certificate Services - allows domain controller to create, validate, and revoke public key certificates

  • DNS, LLMNR, NBT-NS - Domain Name Services for identifying IP hostnames

The most important part of AD is the authentication protocols set in place. There are two main types of authentication in place for AD - NTLM and Kerberos:

  • Kerberos - the default authentication service for AD; it uses ticket-granting tickets and service tickets to authenticate users and give them access to other resources across the domain

  • NTLM - the default Windows authentication protocol; it uses an encrypted challenge/response protocol

The AD DS are the main access point for attackers and contain some of the most vulnerable protocols for AD.


Q1: What type of authentication uses tickets? A: Kerberos

Q2: What domain service can create, validate and revoke public key certificates? A: Certificate Services

Task 7 - AD in the Cloud

The most notable AD cloud provider is Azure AD. Its default settings are much more secure than those of an on-premise physical AD network, but it still has vulnerabilities.

Azure acts as the middle man between your physical AD and your users' sign-on. This allows for a more secure transaction between domains, making a lot of AD attacks ineffective.

The best way to show how the cloud takes security precautions past what is already provided with a physical network is to show a comparison with a cloud AD environment:


Q1: What is the Azure AD equivalent of LDAP? A: REST APIs

Q2: What is the Azure AD equivalent of Domains and Forests? A: Tenants

Q3: What is the Windows Server AD equivalent of Guests? A: Trusts

Task 8 - Hands-On Lab

We can take a look at the internals of AD by using PowerShell commands to view machines, computers, users and groups. First, set up PowerView by running the following:

Some example commands are:

Get-NetComputer -FullData | select operatingsystem (gets a list of all OS on the domain)

Get-NetUser | select cn (gets list of all users on the domain)


Q2: What is the name of the Windows 10 operating system? A: Looking at the first screenshot above, we can see it is Windows 10 Enterprise Evaluation

Q3: What is the second "Admin" name? A: Looking at the second screenshot, we can see it is Admin2

Q4: Which group has a capital "V" in the group name? A: Using the command "Get-NetGroup" reveals the groups and the answer

Q5: When was the password last set for the SQLService user? A: Using the command "Get-NetUser -Username SQLService | select pwdlastset", we can see it was last set on 5/13/2020 8:26:58 PM
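The `pwdlastset` lookup above and the note in Task 4 that service accounts can be domain admins combine into a routine audit: list service accounts whose password is old or never set, or that sit in a privileged group. This is an added example, not part of the original walkthrough; `Find-ServiceAccountRisk`, the sample records and the `corp.example` names are hypothetical, and "service account" is assumed to mean "has a servicePrincipalName".

```powershell
# Added example: constructed records, shaped like the objects returned by the
# ActiveDirectory module's
#   Get-ADUser -Filter * -Properties servicePrincipalName, memberOf, pwdLastSet
# pwdLastSet is a Windows FILETIME (100 ns ticks since 1601-01-01 UTC); 0 means never set.
$SampleUsers = @(
    [pscustomobject]@{
        SamAccountName       = 'SQLService'
        servicePrincipalName = @('MSSQLSvc/sql01.corp.example:1433')
        memberOf             = @('CN=Domain Admins,CN=Users,DC=corp,DC=example')
        pwdLastSet           = ([datetime]'2020-05-13T20:26:58Z').ToFileTimeUtc()
    }
    [pscustomobject]@{
        SamAccountName       = 'BackupSvc'
        servicePrincipalName = @('backup/bk01.corp.example')
        memberOf             = @('CN=Backup Operators,CN=Builtin,DC=corp,DC=example')
        pwdLastSet           = (Get-Date).AddDays(-20).ToFileTimeUtc()
    }
    [pscustomobject]@{
        SamAccountName       = 'NewSvc'
        servicePrincipalName = @('http/app01.corp.example')
        memberOf             = @()
        pwdLastSet           = 0
    }
    [pscustomobject]@{              # ordinary user: no SPN, so out of scope
        SamAccountName       = 'Admin2'
        servicePrincipalName = @()
        memberOf             = @('CN=Domain Admins,CN=Users,DC=corp,DC=example')
        pwdLastSet           = (Get-Date).AddDays(-900).ToFileTimeUtc()
    }
)

function Find-ServiceAccountRisk {
    # Hypothetical helper: returns one row per service account that needs review.
    param(
        [Parameter(Mandatory)] [object[]] $Users,
        [int]      $MaxPasswordAgeDays = 365,
        [string[]] $PrivilegedGroups   = @('Domain Admins', 'Enterprise Admins', 'Schema Admins'),
        [datetime] $Now                = (Get-Date)
    )
    foreach ($u in $Users) {
        if (-not $u.servicePrincipalName) { continue }   # not a service account

        # memberOf holds distinguished names of DIRECT groups only; take each
        # leading CN (allowing backslash-escaped characters inside it).
        $groups = foreach ($dn in $u.memberOf) {
            if ($dn -match '^CN=((?:\\.|[^,])+),') { $Matches[1] }
        }
        $priv = @($groups | Where-Object { $PrivilegedGroups -contains $_ })

        $set = $null; $age = $null
        if ([int64]$u.pwdLastSet -gt 0) {
            $set = [datetime]::FromFileTimeUtc([int64]$u.pwdLastSet)
            $age = [int][math]::Floor(($Now.ToUniversalTime() - $set).TotalDays)
        }

        $reasons = @()
        if ($null -eq $age)                   { $reasons += 'password never set' }
        elseif ($age -gt $MaxPasswordAgeDays) { $reasons += "password older than $MaxPasswordAgeDays days" }
        if ($priv.Count -gt 0)                { $reasons += 'member of privileged group' }
        if ($reasons.Count -eq 0) { continue }

        [pscustomobject]@{
            SamAccountName     = $u.SamAccountName
            PasswordLastSetUtc = $set
            AgeDays            = $age
            PrivilegedGroups   = $priv -join '; '
            Reasons            = $reasons -join '; '
        }
    }
}

Find-ServiceAccountRisk -Users $SampleUsers | Format-Table -AutoSize
```

Because `memberOf` lists direct membership only, an account that reaches a privileged group through nesting needs a recursive group lookup on top of this check.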

Task 9 - Conclusion

That is all the basics of AD that you need to know to understand how it interacts inside of the network. Now that you know the basics, go and find the vulnerabilities inside these networks and see what makes AD such a big deal.
