You’re conducting a penetration test on a network, and you discover that the target environment uses Active Directory. After some initial recon, you find:
❶ An open SMB port (445) on one of the servers
❷ A valid set of low-privileged domain user credentials - user1: Password123
How would you enumerate the Active Directory environment to gather useful information for further attacks?