| Guid | TEXT | LIKE,NOT_LIKE EQUAL,NOT_EQUAL,IS_EMPTY | A unique identifier that is a combination of GUID of selected Scan and Active Directory ObjectGUID of the object. |
| FSName | TEXT | LIKE,NOT_LIKE EQUAL,NOT_EQUAL,IS_EMPTY | Fully Qualified Domain Name of the Domain. |
| ObjectSid | TEXT | LIKE,NOT_LIKE EQUAL,NOT_EQUAL,IS_EMPTY | Active Directory security identifier of object. (Ldap Display Name: objectSid) |
| Name | TEXT | LIKE,NOT_LIKE EQUAL,NOT_EQUAL,IS_EMPTY | Name of the specified object. (Ldap Display Name: name) |
| DistinguishedName | TEXT | LIKE,NOT_LIKE EQUAL,NOT_EQUAL,IS_EMPTY | Active Directory distinguished name of the object. (Ldap Display Name: distinguishedName) |
| FSMORoleOwner | TEXT | LIKE,NOT_LIKE EQUAL,NOT_EQUAL,IS_EMPTY | Flexible Single-Master Operation: The distinguished name of the DC where the schema can be modified. (Ldap Display Name: fSMORoleOwner) |
| WhenChanged | DATE | SMALLER, LARGER, BETWEEN, EQUAL | The date when this object was last changed. (Ldap Display Name: whenChanged) |
| MsDSMachineAccountQuota | NUMBER | EQUAL, BETWEEN, SMALLER, LARGER, SMALLER_EQUAL, LARGER_EQUAL | The number of computer accounts that a user is allowed to create in a domain. (Ldap Display Name: ms-DS-MachineAccountQuota) |
| WhenCreated | DATE | SMALLER, LARGER, BETWEEN, EQUAL | The date when this object was created. (Ldap Display Name: whenCreated) |
| LockoutThreshold | NUMBER | EQUAL, BETWEEN, SMALLER, LARGER, SMALLER_EQUAL, LARGER_EQUAL | The number of invalid logon attempts that are permitted before the account is locked out. (Ldap Display Name: lockoutThreshold) |
| DomainMode | TEXT | LIKE,NOT_LIKE EQUAL,NOT_EQUAL,IS_EMPTY | The operating mode of the domain. (Field reference) |
| MinPwdLength | NUMBER | EQUAL, BETWEEN, SMALLER, LARGER, SMALLER_EQUAL, LARGER_EQUAL | The minimum number of characters that a password must contain. (Ldap Display Name: minPwdLength) |
| DomainModeLevel | NUMBER | EQUAL, BETWEEN, SMALLER, LARGER, SMALLER_EQUAL, LARGER_EQUAL | The operating mode level of the domain. (Field Reference) |
| risk | NUMBER | EQUAL, BETWEEN, SMALLER, LARGER, SMALLER_EQUAL, LARGER_EQUAL | The risk score of the object that calculated based on vulnerability counts and severities. |
| IsEnumerable | BOOLEAN | N/A | Indicates the FSProtect enumeration status of the domain. |
| PwdProperties | NUMBER | EQUAL, BETWEEN, SMALLER, LARGER, SMALLER_EQUAL, LARGER_EQUAL | A bitfield to indicate complexity and storage restrictions. (Ldap Display Name: pwdProperties) (Field Reference) |
| IsRecycleBinEnabled | BOOLEAN | N/A | Indicates whether the recycle bin is activated for the domain. |
| IsRootDomain | BOOLEAN | N/A | Indicates whether the domain is the root of the forest. |
| PwdHistoryLength | NUMBER | EQUAL, BETWEEN, SMALLER, LARGER, SMALLER_EQUAL, LARGER_EQUAL | The number of old passwords to save. (Ldap Display Name: pwdHistoryLength) |
| InfrastructureRoleOwner | TEXT | LIKE,NOT_LIKE EQUAL,NOT_EQUAL,IS_EMPTY | Domain controller that holds the infrastructure owner role. |
| RidRoleOwner | TEXT | LIKE,NOT_LIKE EQUAL,NOT_EQUAL,IS_EMPTY | Domain controller that holds the relative identifier (RID) master role for this domain. |
| NetbiosName | TEXT | LIKE,NOT_LIKE EQUAL,NOT_EQUAL,IS_EMPTY | The name of the object to be used over NetBIOS. (Ldap Display Name: nETBIOSName) |
| PdcRoleOwner | TEXT | LIKE,NOT_LIKE EQUAL,NOT_EQUAL,IS_EMPTY | Domain controller that holds the primary domain controller (PDC) for this domain. |
| ExposurePoint | NUMBER | EQUAL, BETWEEN, SMALLER, LARGER, SMALLER_EQUAL, LARGER_EQUAL | ExposurePoint: A numerical value indicating the level of risk or exposure. |