Groups
The Groups page provides a list of enumerated groups in entire Acitve Directory. The list contains the Privileged, Admin, Local Admin, Member Count, Risk Score, and Issue Counts.
Group Details
Details page contains the Risk Score of the group, Information, and Issues panes.
You can analyze objects in the Graph module by clicking the Visualize button on the upper left side of the Information Pane.
Information
Information Pane can contain different badges to highlight important attributes.
| Badge | Description |
|---|---|
Privileged | Indicates that the object is Privileged. |
Admin | Indicates that the object is Admin. |
Local Admin | Indicates that the object is a member (direct or nested) of a local administrators group in at least one computer. |
Information Pane contains Details, Parent Groups, Child Groups, Child Users, Child Computers and Local Memberships tabs respectively.
Details
Details tab contains attributes below about group object.
| Attribute | Description |
|---|---|
SAM AccountName | The logon name used to support clients and servers running earlier versions of the operating system, such as Windows NT 4.0, Windows 95, Windows 98, and LAN Manager. (Ldap Display Name: sAMAccountName) |
Distinguished Name | Active Directory distinguished name of the object. (Ldap Display Name: distinguishedName) |
Object Category | An object class name used to group objects of this or derived classes. (Ldap Display Name: objectCategory) |
Object Sid | Active Directory security identifier of object. (Ldap Display Name: objectSid) |
Parent OU | The direct parent Organizational Unit of the object. |
Name | Name of the specified object. (Ldap Display Name: name) |
Created Time | The date when this object was created. (Ldap Display Name: whenCreated) |
Last Changed Time | The date when this object was last changed. (Ldap Display Name: whenChanged) |
Description | Description text to display for an object. (Ldap Display Name: description) |
Parent Groups
Parent Groups tab contains a list of groups that the group is a member of. This list also contains Privileged and Admin columns to identify the privilege levels of these groups.
Child Groups
Child Groups tab contains a list of groups that are children of the group. This list also contains Privileged and Admin columns to identify the privilege levels of these groups.
Child Users
Child Users tab contains a list of users that are children of the group. This list also contains Enabled column to identify the status of these users.
Child Computers
Child Computers tab contains a list of computer that are children of the group. This list also contains IP Address column to identify the network addresses of these computers.
Local Memberships
Local Memberships tab contains a list of local groups that the group is a member of.
Local Group Name: Name of the local group that the group is a member of.
Computer: Name of the computer object that contains the local group.
Exec DCOM: Indicates whether the local group can have enough privilege to execute commands with DCOM(Distributed Component Object Model) protocol on the computer.
Exec PWSH: Indicates whether the local group can have enough privilege to execute commands with Powershell on the computer.
Admin: Indicates whether the local group can have admin privilege on the computer.
Issues
Issues pane contains identified issues on the group object.
Last updated
