FSProtect
  • Introduction
    • FSProtect - Active Directory Security Assessment
    • Glossary
    • Architecture
    • Requirements
    • Installation
    • Update
  • Scans
    • New Scan
    • Scans
    • Policies
  • Dashboard
  • Trend Insights
  • Issues
  • Impacts
  • Attack Surface
    • Forests
    • Domains
    • Computers
    • Users
    • Groups
    • GPOs
    • OUs
    • MSAs
    • GMSAs
    • Local Users
    • Local Groups
    • Certificate Authorities
    • Certificate Templates
    • CA Certificates
  • GPO Audit
    • GPO Comparison
    • RSoP Comparison
    • Custom Baselines
  • Integrations
    • CyberArk
    • Mail
    • Jira
  • Search & Reports
    • Domain
    • Computer
    • User
    • Group
    • GPO
    • OU
    • ManagedServiceAccount
    • GroupManagedServiceAccount
    • LocalUser
    • LocalGroup
    • CertificateAuthority
    • CertificateTemplate
    • CACertificate
    • SPN
    • SmbShare
  • Health Check
  • Visualize
  • Settings
    • User Settings
    • LDAP Authentication Settings
    • Roles and Permissions
    • Token Expiration Settings
  • Share Audit
    • Summary
    • Secrets
    • Settings
Powered by GitBook
On this page
  • Organizational Unit Details
  • Information
  • Details
  • Groups
  • Users
  • Computers
  • OUs
  • MSAs
  • GMSAs
  • Linked GPOs
  • Issues

Was this helpful?

  1. Attack Surface

OUs

PreviousGPOsNextMSAs

Last updated 6 months ago

Was this helpful?

The OUs page provides a list of enumerated organizational unit objects in entire Acitve Directory. The list contains the Member Count, Risk Score,Exposure Point and Issue Counts.

Organizational Unit Details

Details page contains the Risk Score of the organizational unit,Exposure Point Information, and Issues panes.

You can analyze objects in the Graph module by clicking the Visualize button on the upper left side of the Information Pane.

Information

Information Pane contains Details, Groups, Users, Computers, OUs, MSAs, GMSAs, and Linked GPOs tabs respectively.

Details

Details tab contains attributes below about organizational unit.

Attribute
Description

Distinguished Name

Active Directory distinguished name of the object. (Ldap Display Name: distinguishedName)

Description

Description text to display for an object. (Ldap Display Name: description)

Parent OU

The direct parent Organizational Unit of the object.

Block Inheritance

Indicates whether the OU blocks Group Policy inheritance. (Ldap Display Name: gPOptions)

Created Time

The date when this object was created. (Ldap Display Name: whenCreated)

Last Changed Time

The date when this object was last changed. (Ldap Display Name: whenChanged)

Groups

Groups tab contains a list of groups that are in the organizational unit. This list also contains Privileged and Admin columns to identify the privilege levels of these groups.

Users

Users tab contains a list of users that are in the organizational unit. This list also contains Enabled column to identify the status of these users.

Computers

Computers tab contains a list of computers that are in the organizational unit. This list also contains IP address column to identify the network address of these computers.

OUs

OUs tab contains a list of organizational units that are in the organizational unit.

MSAs

MSAs tab contains a list of managed service accounts that are in the organizational unit.

GMSAs

MSAs tab contains a list of group managed service accounts that are in the organizational unit.

Linked GPOs

Linked GPOs tab contains a list of group policy objects that are linked to the organizational unit directly. This list also contains Enforced and Order columns to highlight the enforcement status and link order of these group policy objects.

Issues

Issues pane contains identified issues on the organizational unit object.

Organizational Units
Organizational Unit Details
Groups
Users
Computers
OUs
MSAs
GMSAs
Linked GPOs
Issues