CertificateAuthority

Field Type Possible Operators Description

Field	Type	Possible Operators	Description
Guid	TEXT	`LIKE`, `EQUAL`, `NOT_EQUAL`	A unique identifier that is a combination of GUID of selected `Scan` and Active Directory `ObjectGUID` of the object.
FSName	TEXT	`LIKE`, `EQUAL`, `NOT_EQUAL`	A special unique identifier that is a combination of the `Name of the object` and the `FSName of the Forest`.
DistinguishedName	TEXT	`LIKE`, `EQUAL`, `NOT_EQUAL`	Active Directory distinguished name of the object. (Ldap Display Name: distinguishedName)
IsWebEnrollmentEnabled	BOOLEAN	`N/A`	Whether the certificate authority server supports web-based enrollment for the clients.
AllowsUserSpecifiedSANs	BOOLEAN	`N/A`	Whether specifying a Subject Alternative Name (SAN) during certificate enrollment to any certificate template that is published by this certificate authority server has been allowed.
CertificateManagerRestrictions	TEXT	`LIKE`, `EQUAL`, `NOT_EQUAL`	Some organizations require further restrictions on certificate manager activities. Rather than allow a certificate manager to issue or revoke any certificate issued by a CA, the organization might want a certificate manager to only manage a subset of all certificates. Specified property contains the defined certificate manager restrictions on the certificate authority. The data in this column formatted as, `Name of the Certificate Manager`,`Name of the Template` ,`Name of the Principal`,`Access Type`. The definition is, `Name of the Certificate Manager` has `Access Type` rights on `Name of the Principal` to manage the `Name of the Template` template.
EnrollmentAgentRestrictions	TEXT	`LIKE`, `EQUAL`, `NOT_EQUAL`	An enrollment agent is a user who can enroll for a certificate on behalf on another client. Unlike a certificate manager, an enrollment agent can only process the enrollment request and cannot approve pending requests or revoke issued certificates. Some organizations require further restrictions on enrollment agents. Rather than allow a certificate request agent to to enroll on behalf any client issued by a CA, the organization might want a certificate request agent to only enroll on behalf of a subset of all certificate templates or clients. Specified property contains the defined certificate request agent restrictions on the certificate authority. The data in this column formatted as, `Name of the Enrollment Agent`,`Name of the Template` ,`Name of the Principal`,`Access`. The definition is, `Name of the Enrollment Agent` has `Access Type` rights to enroll on behalf of `Name of the Principal` to the `Name of the Template` certificate template.
IsAdmin	BOOLEAN	`N/A`	Indicates that the object is Admin.
DNSHostName	TEXT	`LIKE`, `EQUAL`, `NOT_EQUAL`	Fully qualified domain name of computer as registered in DNS. (Ldap Display Name: dNSHostName)
CertificateEnrollmentWebServiceUrls	TEXT	`LIKE`, `EQUAL`, `NOT_EQUAL`	Certificate enrollment web service url addresses of the certificate authority.
FullName	TEXT	`LIKE`, `EQUAL`, `NOT_EQUAL`	Combination of the DNSHostName and the Name of the certificate authority.
WhenChanged	TEXT	`LIKE`, `EQUAL`, `NOT_EQUAL`	The date when this object was last changed. (Ldap Display Name: whenChanged)
isEnterpriseCA	BOOLEAN	`N/A`	Whether the certificate authority is an enterprise certificate authority instance. Enterprise certificate authorities are domain members and typically online to issue certificates or certificate policies.
inComputerName	TEXT	`LIKE`, `EQUAL`, `NOT_EQUAL`	FSName of the computer that contains the certificate authority instance.
CAEnrollmentInterfacesEPADisabled	TEXT	`LIKE`, `EQUAL`, `NOT_EQUAL`	The Web-based endpoints of the certificate authority with Extended Authentication Protection (EPA) disabled.
WhenCreated	TEXT	`LIKE`, `EQUAL`, `NOT_EQUAL`	The date when this object was created. (Ldap Display Name: whenCreated)
EnterpriseCAName	TEXT	`LIKE`, `EQUAL`, `NOT_EQUAL`	Name of the CA server, specified in the ADCS installation.
inComputerGuid	TEXT	`LIKE`, `EQUAL`, `NOT_EQUAL`	Guid of the computer that contains the certificate authority instance.
risk	NUMBER	`EQUAL`, `BETWEEN`, `SMALLER`, `LARGER`, `SMALLER_EQUAL`, `LARGER_EQUAL`	The risk score of the object that calculated based on vulnerability counts and severities.
CaCertificateDN	TEXT	`LIKE`, `EQUAL`, `NOT_EQUAL`	Full distinguished name from the CA certificate.
CAEnrollmentInterfacesHTTPEnabled	TEXT	`LIKE`, `EQUAL`, `NOT_EQUAL`	The Web-based endpoints of the certificate authority with HTTP enabled.
isRootCA	BOOLEAN	`N/A`	Whether the certificate authority is an root certificate authority instance. The root certificate authorities are the first and may be the only certificate authorities configured in a Public Key Infrastructure(PKI) hierarchy.
DisplayName	TEXT	`LIKE`, `EQUAL`, `NOT_EQUAL`	The display name for an object. (LDAP Display Name: displayName)
CertificateEnrollmentPolicyWebServiceUrls	TEXT	`LIKE`, `EQUAL`, `NOT_EQUAL`	Certificate enrollment policy web service url addresses of the certificate authority.
NetworkDeviceEnrollmentServiceUrls	TEXT	`LIKE`, `EQUAL`, `NOT_EQUAL`	Network device enrollment url addresses of the certificate authority.
CAWebEnrollmentUrls	TEXT	`LIKE`, `EQUAL`, `NOT_EQUAL`	Certificate authority web enrollment url addresses of the certificate authority.
CAFlags	TEXT	`LIKE`, `EQUAL`, `NOT_EQUAL`	The certificate authority flags attribute stores the bitwise combination of the certificate authority server's capabilities.

Guid

TEXT

LIKE, EQUAL, NOT_EQUAL

A unique identifier that is a combination of GUID of selected Scan and Active Directory ObjectGUID of the object.

FSName

TEXT

LIKE, EQUAL, NOT_EQUAL

A special unique identifier that is a combination of the Name of the object and the FSName of the Forest.

DistinguishedName

TEXT

LIKE, EQUAL, NOT_EQUAL

Active Directory distinguished name of the object. (Ldap Display Name: distinguishedName)

IsWebEnrollmentEnabled

BOOLEAN

N/A

Whether the certificate authority server supports web-based enrollment for the clients.

AllowsUserSpecifiedSANs

BOOLEAN

N/A

Whether specifying a Subject Alternative Name (SAN) during certificate enrollment to any certificate template that is published by this certificate authority server has been allowed.

CertificateManagerRestrictions

TEXT

LIKE, EQUAL, NOT_EQUAL

Some organizations require further restrictions on certificate manager activities. Rather than allow a certificate manager to issue or revoke any certificate issued by a CA, the organization might want a certificate manager to only manage a subset of all certificates. Specified property contains the defined certificate manager restrictions on the certificate authority. The data in this column formatted as, Name of the Certificate Manager,Name of the Template ,Name of the Principal,Access Type. The definition is, Name of the Certificate Manager has Access Type rights on Name of the Principal to manage the Name of the Template template.

EnrollmentAgentRestrictions

TEXT

LIKE, EQUAL, NOT_EQUAL

An enrollment agent is a user who can enroll for a certificate on behalf on another client. Unlike a certificate manager, an enrollment agent can only process the enrollment request and cannot approve pending requests or revoke issued certificates. Some organizations require further restrictions on enrollment agents. Rather than allow a certificate request agent to to enroll on behalf any client issued by a CA, the organization might want a certificate request agent to only enroll on behalf of a subset of all certificate templates or clients. Specified property contains the defined certificate request agent restrictions on the certificate authority. The data in this column formatted as, Name of the Enrollment Agent,Name of the Template ,Name of the Principal,Access. The definition is, Name of the Enrollment Agent has Access Type rights to enroll on behalf of Name of the Principal to the Name of the Template certificate template.

IsAdmin

BOOLEAN

N/A

Indicates that the object is Admin.

DNSHostName

TEXT

LIKE, EQUAL, NOT_EQUAL

Fully qualified domain name of computer as registered in DNS. (Ldap Display Name: dNSHostName)

CertificateEnrollmentWebServiceUrls

TEXT

LIKE, EQUAL, NOT_EQUAL

Certificate enrollment web service url addresses of the certificate authority.

FullName

TEXT

LIKE, EQUAL, NOT_EQUAL

Combination of the DNSHostName and the Name of the certificate authority.

WhenChanged

TEXT

LIKE, EQUAL, NOT_EQUAL

The date when this object was last changed. (Ldap Display Name: whenChanged)

isEnterpriseCA

BOOLEAN

N/A

Whether the certificate authority is an enterprise certificate authority instance. Enterprise certificate authorities are domain members and typically online to issue certificates or certificate policies.

inComputerName

TEXT

LIKE, EQUAL, NOT_EQUAL

FSName of the computer that contains the certificate authority instance.

CAEnrollmentInterfacesEPADisabled

TEXT

LIKE, EQUAL, NOT_EQUAL

The Web-based endpoints of the certificate authority with Extended Authentication Protection (EPA) disabled.

WhenCreated

TEXT

LIKE, EQUAL, NOT_EQUAL

The date when this object was created. (Ldap Display Name: whenCreated)

EnterpriseCAName

TEXT

LIKE, EQUAL, NOT_EQUAL

Name of the CA server, specified in the ADCS installation.

inComputerGuid

TEXT

LIKE, EQUAL, NOT_EQUAL

Guid of the computer that contains the certificate authority instance.

risk

NUMBER

EQUAL, BETWEEN, SMALLER, LARGER, SMALLER_EQUAL, LARGER_EQUAL

The risk score of the object that calculated based on vulnerability counts and severities.

CaCertificateDN

TEXT

LIKE, EQUAL, NOT_EQUAL

Full distinguished name from the CA certificate.

CAEnrollmentInterfacesHTTPEnabled

TEXT

LIKE, EQUAL, NOT_EQUAL

The Web-based endpoints of the certificate authority with HTTP enabled.

isRootCA

BOOLEAN

N/A

Whether the certificate authority is an root certificate authority instance. The root certificate authorities are the first and may be the only certificate authorities configured in a Public Key Infrastructure(PKI) hierarchy.

DisplayName

TEXT

LIKE, EQUAL, NOT_EQUAL

The display name for an object. (LDAP Display Name: displayName)

CertificateEnrollmentPolicyWebServiceUrls

TEXT

LIKE, EQUAL, NOT_EQUAL

Certificate enrollment policy web service url addresses of the certificate authority.

NetworkDeviceEnrollmentServiceUrls

TEXT

LIKE, EQUAL, NOT_EQUAL

Network device enrollment url addresses of the certificate authority.

CAWebEnrollmentUrls

TEXT

LIKE, EQUAL, NOT_EQUAL

Certificate authority web enrollment url addresses of the certificate authority.

CAFlags

TEXT

LIKE, EQUAL, NOT_EQUAL

The certificate authority flags attribute stores the bitwise combination of the certificate authority server's capabilities.

PreviousLocalGroup NextCertificateTemplate

Last updated 1 year ago