FSProtect
  • Introduction
    • FSProtect - Active Directory Security Assessment
    • Glossary
    • Architecture
    • Requirements
    • Installation
    • Update
  • Scans
    • New Scan
    • Scans
    • Policies
  • Dashboard
  • Trend Insights
  • Issues
  • Impacts
  • Attack Surface
    • Forests
    • Domains
    • Computers
    • Users
    • Groups
    • GPOs
    • OUs
    • MSAs
    • GMSAs
    • Local Users
    • Local Groups
    • Certificate Authorities
    • Certificate Templates
    • CA Certificates
  • GPO Audit
    • GPO Comparison
    • RSoP Comparison
    • Custom Baselines
  • Integrations
    • CyberArk
    • Mail
    • Jira
  • Search & Reports
    • Domain
    • Computer
    • User
    • Group
    • GPO
    • OU
    • ManagedServiceAccount
    • GroupManagedServiceAccount
    • LocalUser
    • LocalGroup
    • CertificateAuthority
    • CertificateTemplate
    • CACertificate
    • SPN
    • SmbShare
  • Health Check
  • Visualize
  • Settings
    • User Settings
    • LDAP Authentication Settings
    • Roles and Permissions
    • Token Expiration Settings
  • Share Audit
    • Summary
    • Secrets
    • Settings
Powered by GitBook
On this page

Was this helpful?

  1. Search & Reports

CertificateTemplate

Field
Type
Possible Operators
Description

Guid

TEXT

LIKE, EQUAL, NOT_EQUAL

A unique identifier that is a combination of GUID of selected Scan and Active Directory ObjectGUID of the object.

FSName

TEXT

LIKE, EQUAL, NOT_EQUAL

A special unique identifier that is a combination of the Name of the object and the FSName of the Forest.

Name

TEXT

LIKE, EQUAL, NOT_EQUAL

Name of the specified object. (Ldap Display Name: name)

DistinguishedName

TEXT

LIKE, EQUAL, NOT_EQUAL

Active Directory distinguished name of the object. (Ldap Display Name: distinguishedName)

ValidityPeriod

NUMBER

EQUAL, BETWEEN, SMALLER, LARGER, SMALLER_EQUAL, LARGER_EQUAL

The period of time during which a certificate is intended to be valid.

IsEnrolleeSuppliesSubject

BOOLEAN

N/A

Whether specifying a Subject Alternative Name (SAN) during certificate enrollment to this certificate template has been allowed.

MSPKICertificateApplicationPolicies

TEXT

LIKE, EQUAL, NOT_EQUAL

RenewalPeriod

NUMBER

EQUAL, BETWEEN, SMALLER, LARGER, SMALLER_EQUAL, LARGER_EQUAL

The period of time during which a certificate is intended to be renew.

WhenChanged

DATE

SMALLER, LARGER, BETWEEN, EQUAL

The date when this object was last changed. (Ldap Display Name: whenChanged)

IsManagerApprovalEnabled

BOOLEAN

N/A

Whether the certificate requests based on the template require manager approval to be issued.

WhenCreated

DATE

SMALLER, LARGER, BETWEEN, EQUAL

The date when this object was created. (Ldap Display Name: whenCreated)

IsPublished

BOOLEAN

N/A

Whether the certificate template has been published by any certificate authority.

risk

NUMBER

EQUAL, BETWEEN, SMALLER, LARGER, SMALLER_EQUAL, LARGER_EQUAL

The risk score of the object that calculated based on vulnerability counts and severities.

MSPKIRAPolicies

TEXT

LIKE, EQUAL, NOT_EQUAL

MSPKIRAApplicationPolicies

TEXT

LIKE, EQUAL, NOT_EQUAL

ExtendedKeyUsage

TEXT

LIKE, EQUAL, NOT_EQUAL

Key usage extensions define the purpose of the public key contained in a certificate. You can use them to restrict the public key to as few or as many operations as needed.

HasDomainAuthenticationEKU

BOOLEAN

N/A

Whether certificate template contains any Extended Key Usage(EKU) that allows to auhenticate in the domain.

SchemaVersion

NUMBER

EQUAL, BETWEEN, SMALLER, LARGER, SMALLER_EQUAL, LARGER_EQUAL

The certificate template schema version.

DisplayName

TEXT

LIKE, EQUAL, NOT_EQUAL

The display name for an object. (LDAP Display Name: displayName)

EnrollmentFlags

TEXT

LIKE, EQUAL, NOT_EQUAL

CertificateNameFlags

TEXT

LIKE, EQUAL, NOT_EQUAL

NumberOfAuthorizedSignatures

NUMBER

EQUAL, BETWEEN, SMALLER, LARGER, SMALLER_EQUAL, LARGER_EQUAL

The number of Authorized Signatures to issue a certificate.

PreviousCertificateAuthorityNextCACertificate

Last updated 2 years ago

Was this helpful?

Specifies certificate application policy extension. In GUI, this attribute can be controlled by setting "Application Policies" in "Extensions" tab. ()

Contains the list of required policy OIDs from registration authorities who sign the enrollment request. ()

Encapsulates embedded properties for multipurpose use. In GUI, this attribute can be controlled by checking This number of authorized signatures check box in Issuance Requirements tab and choosing Application Policy menu. ()

Specifies the enrollment flags. ()

Specifies the subject name flags. ()

Field Reference
Field Reference
Field Reference
Field Reference
Field Reference