Local Groups

The Local Groups page provides a list of enumerated local groups in entire Acitve Directory. The list contains the Computer, RDP, Exec DCOM, Exec PWSH, Admin, and Member Count.

Local Group Details

Details page contains Information pane.

You can analyze objects in the Graph module by clicking the Visualize button on the upper left side of the Information Pane.

Information

Information Pane contains Details, Groups, Users, Computers, Local Groups, Local Users, MSAs and GMSAs tabs respectively.

Details

Details tab contains attributes below about local group object.

Attribute

Description

Object SID

Local security identifier of object.

Parent Local Group

Name of the direct parent group of the local group.

Computer

Name of the computer object that contains the local group.

Admin

Indicates whether the local group can have admin privilege on the computer.

RDP

Indicates whether the local group can have enough privilege to connect with RDP (Remote Desktop Protocol) to the computer.

Exec DCOM

Indicates whether the local group can have enough privilege to execute commands with DCOM(Distributed Component Object Model) protocol on the computer.

Exec Powershell

Indicates whether the local group can have enough privilege to execute commands with Powershell on the computer.

Groups

Groups tab contains a list of groups that are children of the local group. This list also contains Privileged and Admin columns to identify the privilege levels of these groups.

Users

Users tab contains a list of users that are children of the local group. This list also contains Enabled column to identify the status of these users.

Computers

Computers tab contains a list of computer that are children of the local group. This list also contains IP Address column to identify the network addresses of these computers.

Local Groups

Local groups tab contains a list of local groups that are children of the local group.

Local Users

Local users tab contains a list of local users that are children of the local group.

MSAs

MSAs tab contains a list of managed service accounts that are children of the local group. This list also contains Enabled column to identify the status of these accounts.

GMSAs

GMSAs tab contains a list of group managed service accounts that are children of the local group. This list also contains Enabled column to identify the status of these accounts.

PreviousLocal Users NextCertificate Authorities

Last updated 2 months ago

Was this helpful?

Details

Details tab contains attributes below about local group object.

Attribute

Description

Object SID

Local security identifier of object.

Parent Local Group

Name of the direct parent group of the local group.

Computer

Name of the computer object that contains the local group.

Admin

Indicates whether the local group can have admin privilege on the computer.

RDP

Indicates whether the local group can have enough privilege to connect with RDP (Remote Desktop Protocol) to the computer.

Exec DCOM

Indicates whether the local group can have enough privilege to execute commands with DCOM(Distributed Component Object Model) protocol on the computer.

Exec Powershell

Indicates whether the local group can have enough privilege to execute commands with Powershell on the computer.