Active Directory based Account Management Security Reports
Gold Finger offers the following Active Directory based domain user account management reports –
|
- All domain user accounts
- All enabled domain user accounts
- All disabled domain user accounts
- All locked domain user accounts
- All unlocked domain user accounts
- All privileged domain user accounts
- All domain user accounts that have logged on in the last few days*
- All domain user accounts that have not logged on in the last few days*
- All domain user accounts that have never logged on*
- All domain user accounts that have logged on at least once*
- All domain user accounts that failed a logon attempt in the last few days*
- All domain user accounts created in the last few days
- All domain user accounts changed in the last few days
- All domain user accounts deleted in the last few days
- All domain user accounts that have an expiration date
- All domain user accounts that do not have an expiration date
- All domain user accounts that expired in the last few days
- All domain user accounts that will expire in the next few days
- All domain user accounts that do not require passwords to logon
- All domain user accounts that require passwords to logon
- All domain user accounts whose passwords never expire
- All domain user accounts whose passwords do expire
- All domain user accounts whose password must be changed at next logon
- All domain user accounts whose password was changed in the last few days
- All domain user accounts whose password has not changed in the last few days
- All domain user accounts whose password is stored using reversible encryption
- All domain user accounts for which DES encryption types are used
- All domain user accounts that require Smart cards for login
- All domain user accounts that do not require Smart cards for login
- All domain user accounts that are sensitive and cannot be delegated
- All domain user accounts that are not sensitive and can be delegated
- All domain user accounts that require Kerberos pre-authentication
- All domain user accounts that do not require Kerberos pre-authentication
- All domain user accounts for which Kerberos name mappings are specified
- All domain user accounts for which Kerberos name mappings are not specified
- All user accounts for which a user logon name is specified
- All user accounts for which a user logon name is not specified
- All domain user accounts that can logon to any workstation
- All domain user accounts that can only logon to specific workstations
- All domain user accounts for which specific logon hours have not been specified
- All domain user accounts for which specific logon hours have been specified
- All domain user accounts that can logon anytime
- All domain user accounts for which a logon script is specified
- All domain user accounts for which a logon script is not specified
- All domain user accounts that have a photo uploaded
- All domain user accounts that do not have a photo uploaded
- All domain user accounts for which a home folder is specified
- All domain user accounts for which a home folder is not specified
- All domain user accounts for which a user profile is specified
- All domain user accounts for which a user profile is not specified
* This report involves the analysis of unreplicated attributes, and thus all unreplicated instances of the value are automatically obtained from each domain controller in the domain, and appropriately analyzed to deliver 100% accuracy.
|
|
|
