FSProtect
  • Introduction
    • FSProtect - Active Directory Security Assessment
    • Glossary
    • Architecture
    • Requirements
    • Installation
    • Update
  • Scans
    • New Scan
    • Scans
    • Policies
  • Dashboard
  • Trend Insights
  • Issues
  • Impacts
  • Attack Surface
    • Forests
    • Domains
    • Computers
    • Users
    • Groups
    • GPOs
    • OUs
    • MSAs
    • GMSAs
    • Local Users
    • Local Groups
    • Certificate Authorities
    • Certificate Templates
    • CA Certificates
  • GPO Audit
    • GPO Comparison
    • RSoP Comparison
    • Custom Baselines
  • Integrations
    • CyberArk
    • Mail
    • Jira
  • Search & Reports
    • Domain
    • Computer
    • User
    • Group
    • GPO
    • OU
    • ManagedServiceAccount
    • GroupManagedServiceAccount
    • LocalUser
    • LocalGroup
    • CertificateAuthority
    • CertificateTemplate
    • CACertificate
    • SPN
    • SmbShare
  • Health Check
  • Visualize
  • Settings
    • User Settings
    • LDAP Authentication Settings
    • Roles and Permissions
    • Token Expiration Settings
  • Share Audit
    • Summary
    • Secrets
    • Settings
Powered by GitBook
On this page
  • Local Group Details
  • Information
  • Details
  • Groups
  • Users
  • Computers
  • Local Groups
  • Local Users
  • MSAs
  • GMSAs

Was this helpful?

  1. Attack Surface

Local Groups

PreviousLocal UsersNextCertificate Authorities

Last updated 6 months ago

Was this helpful?

The Local Groups page provides a list of enumerated local groups in entire Acitve Directory. The list contains the Computer, RDP, Exec DCOM, Exec PWSH, Admin, and Member Count.

Local Group Details

Details page contains Information pane.

You can analyze objects in the Graph module by clicking the Visualize button on the upper left side of the Information Pane.

Information

Information Pane contains Details, Groups, Users, Computers, Local Groups, Local Users, MSAs and GMSAs tabs respectively.

Details

Details tab contains attributes below about local group object.

Attribute
Description

Object SID

Local security identifier of object.

Parent Local Group

Name of the direct parent group of the local group.

Computer

Name of the computer object that contains the local group.

Admin

Indicates whether the local group can have admin privilege on the computer.

RDP

Indicates whether the local group can have enough privilege to connect with RDP (Remote Desktop Protocol) to the computer.

Exec DCOM

Indicates whether the local group can have enough privilege to execute commands with DCOM(Distributed Component Object Model) protocol on the computer.

Exec Powershell

Indicates whether the local group can have enough privilege to execute commands with Powershell on the computer.

Groups

Groups tab contains a list of groups that are children of the local group. This list also contains Privileged and Admin columns to identify the privilege levels of these groups.

Users

Users tab contains a list of users that are children of the local group. This list also contains Enabled column to identify the status of these users.

Computers

Computers tab contains a list of computer that are children of the local group. This list also contains IP Address column to identify the network addresses of these computers.

Local Groups

Local groups tab contains a list of local groups that are children of the local group.

Local Users

Local users tab contains a list of local users that are children of the local group.

MSAs

MSAs tab contains a list of managed service accounts that are children of the local group. This list also contains Enabled column to identify the status of these accounts.

GMSAs

GMSAs tab contains a list of group managed service accounts that are children of the local group. This list also contains Enabled column to identify the status of these accounts.

Local Groups
Local Group Details
Groups
Users
Computers
Local Groups
Local Users
MSAs
GMSAs