Company | Vision | Leadership | Products | Services | Support | News | Careers | Contact
Paramount Defenses Inc. - Most Innovative New Company Award by RSA Conference 2007

2007		 Paramount Defenses - World’s Most Innovative Companies, Fast 50 Readers Favorites of 2008
2008		 Microsoft Corporation Valued Partner - Paramount Defenses Inc. Valued Partner in the Identity and Access Management

2009
Learn more about this Serious Active Directory Security Risk
Home
Overview
Capabilities
Uniqueness
Audience
Features
Benefits
Solutions
Editions
FAQ +
Demos
Trials
Sales


What's new in ver 5.0?

See Deployment
See Deployment
Download Free Trial
Download Trial

Only Gold Finger can generate accurate Active Directory resultant-access reports, and basic security reports.

Mission-Critical
Access Reports		 Top 100
Reports		 Simple Basic
Security Reports


Domain User Account Management Security Reports

Gold Finger offers the following Active Directory based domain user account management reports –

Active Directory User Account Management Reports

NOTE If you have yet to generate access reports in your Active Directory environment, in all likelihood, there are far great risks that your Active Directory is exposed to today, than the simplistic risks you may be looking to identify and mitigate via these basic security reports.

In fact, your Active Directory may be substantially exposed to the risk of swift and complete compromise.


    You can apply a custom LDAP filter to any report below.



  1. All domain user accounts

    This report lets you identify and document the list of all domain user accounts in an Active Directory domain, container or organizational unit.

  2. All enabled domain user accounts

    This report lets you identify and document the list of all enabled domain user accounts in an Active Directory domain, container or organizational unit.

  3. All disabled domain user accounts

    This report lets you identify and document the list of all disabled domain user accounts in an Active Directory domain, container or organizational unit.

  4. All locked domain user accounts

    This report lets you identify and document the list of all locked domain user accounts in an Active Directory domain, container or organizational unit.

  5. All unlocked domain user accounts

    This report lets you identify and document the list of all unlocked domain user accounts in an Active Directory domain, container or organizational unit.

  6. All administrative domain user accounts

    This report lets you identify and document the list of all administrative (privileged) domain user accounts in an Active Directory domain, container or organizational unit.

    An administrative (privileged) user account is one that has elevated privileges in the Active Directory, and which, for all practical purposes is as powerful as a Domain Admin.

  7. All domain user accounts that have logged on in the last few days

    This report lets you identify and document the list of all domain user accounts in an Active Directory domain, container or organizational unit, that have logged on in the last few (specifiable, 0 – 5000) days.

    This report does not rely on the lastLogonTimestamp attribute, but in fact is based on True Last Logon in Active Directory and thus takes into values from all domain-controllers in the domain, delivering 100% accurate results.

  8. All domain user accounts that have not logged on in the last few days

    This report lets you identify and document the list of all domain user accounts in an Active Directory domain, container or organizational unit, that have not logged on in the last few (specifiable, 0 – 5000) days.

    This report does not rely on the lastLogonTimestamp attribute, but in fact is based on True Last Logon in Active Directory and thus takes into values from all domain-controllers in the domain, delivering 100% accurate results.

    This report can also be used to identify and document the list of all stale user accounts in an Active Directory environment.

    The staleness of a domain user account is generally relative and varies from organization to organization. For some organizations it may be 30 days, whereas for others it may be 180 days. With Gold Finger, you have the flexibility to define your own measure of staleness, and you can easily specify any value from 0 to 365 days.

  9. All domain user accounts that have never logged on

    This report lets you identify and document the list of all domain user accounts in an Active Directory domain, container or organizational unit, that have never logged on.

    This report does not rely on the lastLogonTimestamp attribute, but in fact is based on True Last Logon in Active Directory and thus takes into values from all domain-controllers in the domain, delivering 100% accurate results.

  10. All domain user accounts that have logged on at least once

    This report lets you identify and document the list of all domain user accounts in an Active Directory domain, container or organizational unit, that have logged on at least once.

    This report does not rely on the lastLogonTimestamp attribute, but in fact is based on True Last Logon in Active Directory and thus takes into values from all domain-controllers in the domain, delivering 100% accurate results.

  11. All domain user accounts that failed a logon attempt in the last few days

    This report lets you identify and document the list of all domain user accounts in an Active Directory domain, container or organizational unit, that failed a logon attempt in the last few (specifiable, 0 – 5000) days.

    This report is also based on True Last Logon in Active Directory and thus takes into values from all domain-controllers in the domain, delivering 100% accurate results.

  12. All domain user accounts created in the last few days

    This report lets you identify and document the list of all domain user accounts in an Active Directory domain, container or organizational unit, that were created in the last few (specifiable, 0 – 5000) days.

  13. All domain user accounts changed in the last few days

    This report lets you identify and document the list of all domain user accounts in an Active Directory domain, container or organizational unit, that were modified in the last few (specifiable, 0 – 5000) days.

  14. All domain user accounts deleted in the last few days

    This report lets you identify and document the list of all domain user accounts in an Active Directory domain, container or organizational unit, that were deleted in the last few (specifiable, 0 – 60) days.

  15. All domain user accounts that have an expiration date

    This report lets you identify and document the list of all domain user accounts in an Active Directory domain, container or organizational unit, that have an expiration date set.

  16. All domain user accounts that do not have an expiration date

    This report lets you identify and document the list of all domain user accounts in an Active Directory domain, container or organizational unit, that do not have an expiration date set.

  17. All domain user accounts that expired in the last few days

    This report lets you identify and document the list of all domain user accounts in an Active Directory domain, container or organizational unit, that expired in the last few (specifiable, 0 – 5000) days.

  18. All domain user accounts that will expire in the next few days

    This report lets you identify and document the list of all domain user accounts in an Active Directory domain, container or organizational unit, that are set to expire in the next few (specifiable, 0 – 5000) days.

  19. All domain user accounts that require passwords to logon

    This report lets you identify and document the list of all domain user accounts in an Active Directory domain, container or organizational unit, that do require passwords to logon.

  20. All domain user accounts that do not require passwords to logon

    This report lets you identify and document the list of all domain user accounts in an Active Directory domain, container or organizational unit, that do not require passwords to logon.

  21. All domain user accounts whose passwords never expire

    This report lets you identify and document the list of all domain user accounts in an Active Directory domain, container or organizational unit, whose passwords never expire.

  22. All domain user accounts whose password must be changed at next logon

    This report lets you identify and document the list of all domain user accounts in an Active Directory domain, container or organizational unit, whose password must be changed at next logon.

  23. All domain user accounts whose password was changed in the last few days

    This report lets you identify and document the list of all domain user accounts in an Active Directory domain, container or organizational unit, whose password was changed in the last few (specifiable, 0 – 5000) days.

  24. All domain user accounts whose password is stored using reversible encryption

    This report lets you identify and document the list of all domain user accounts in an Active Directory domain, container or organizational unit, whose password is stored using reversible encryption.

  25. All domain user accounts that require Smart cards for login

    This report lets you identify and document the list of all domain user accounts in an Active Directory domain, container or organizational unit, that require Smart cards for login.

  26. All domain user accounts that are sensitive and cannot be delegated

    This report lets you identify and document the list of all domain user accounts in an Active Directory domain, container or organizational unit, that are sensitive and cannot be delegated for impersonation.

  27. All domain user accounts that are not sensitive and can be delegated

    This report lets you identify and document the list of all domain user accounts in an Active Directory domain, container or organizational unit, that are not sensitive and can be delegated for impersonation.

  28. All domain user accounts that can logon to any workstation

    This report lets you identify and document the list of all domain user accounts in an Active Directory domain, container or organizational unit, that can logon to any workstation.

  29. All domain user accounts that can only logon to specific workstations

    This report lets you identify and document the list of all domain user accounts in an Active Directory domain, container or organizational unit, that can only logon to specific workstations.

  30. All domain user accounts for which specific logon hours have not been specified

    This report lets you identify and document the list of all domain user accounts in an Active Directory domain, container or organizational unit, for which specific logon hours have not been specified.

  31. All domain user accounts for which specific logon hours have been specified

    This report lets you identify and document the list of all domain user accounts in an Active Directory domain, container or organizational unit, for which specific logon hours have been specified.

  32. All domain user accounts that can logon anytime

    This report lets you identify and document the list of all domain user accounts in an Active Directory domain, container or organizational unit, that can logon anytime.

  33. All domain user accounts for which a logon script is specified

    This report lets you identify and document the list of all domain user accounts in an Active Directory domain, container or organizational unit, for which a logon script is specified.

  34. All domain user accounts for which no logon script is specified

    This report lets you identify and document the list of all domain user accounts in an Active Directory domain, container or organizational unit, for which no logon script is specified.

  35. All domain user accounts for which a description is not specified

    36. This report lets you identify and document the list of all domain user accounts in an Active Directory domain, container or organizational unit, for which a description is not specified.

Account Management
Computer Management
Group Management
OU Management
Container Management
SCP Management
GPO Management
Contact Management
Printer Management
Top-100 Reports

Top-100 Active Directory Reports



(Downloadable pdf)
Contact Us
Who We Are What We Do How We Protect You
Home

Terms of Use Copyright Paramount Defenses Inc  2006 – 2012. All Rights Reserved Privacy Policy