Company | Vision | Leadership | Products | Services | Support | News | Careers | Contact
Paramount Defenses Inc. - Most Innovative New Company Award by RSA Conference 2007

2007		 Paramount Defenses - World’s Most Innovative Companies, Fast 50 Readers Favorites of 2008
2008		 Microsoft Corporation Valued Partner - Paramount Defenses Inc. Valued Partner in the Identity and Access Management

2009
Learn more about this Serious Active Directory Security Risk
Start Here
Overview
Uniqueness
Vital Need
Audience
Features
Benefits
Solutions
Reports
Editions
Resources
Demo
Trial
Sales

Only Gold Finger can generate accurate Active Directory resultant-access reports, and basic security reports.

Mission-Critical
Access Reports		 Top 100
Reports		 Simple Basic
Security Reports


Domain User Account Management Security Reports

Gold Finger offers the following Active Directory based domain user account management reports –

Active Directory User Account Management Reports

NOTE If you have yet to generate access reports in your Active Directory environment, in all likelihood, there are far great risks that your Active Directory is exposed to today, than the simplistic risks you may be looking to identify and mitigate via these basic security reports.

In fact, your Active Directory may be substantially exposed to the risk of swift and complete compromise.


    Gold Finger automatically displays the Title, Status and SAM-Account-Name for each user account. It also displays relevant times (Creation, Last-Logon etc.) for time based reports



  1. All domain user accounts

    This report lets you identify and document the list of all domain user accounts in an Active Directory domain, container or organizational unit.

  2. All enabled domain user accounts

    This report lets you identify and document the list of all enabled domain user accounts in an Active Directory domain, container or organizational unit.

  3. All disabled domain user accounts

    This report lets you identify and document the list of all disabled domain user accounts in an Active Directory domain, container or organizational unit.

  4. All locked domain user accounts

    This report lets you identify and document the list of all locked domain user accounts in an Active Directory domain, container or organizational unit.

  5. All unlocked domain user accounts

    This report lets you identify and document the list of all unlocked domain user accounts in an Active Directory domain, container or organizational unit.

  6. All privileged domain user accounts

    This report lets you identify and document the list of all privileged domain user accounts in an Active Directory domain, container or organizational unit.

    A privileged user account is one that has elevated privileges in the Active Directory, and which, for all practical purposes is as powerful as a Domain Admin.

  7. All domain user accounts that have logged on in the last few days

    This report lets you identify and document the list of all domain user accounts in an Active Directory domain, container or organizational unit, that have logged on in the last few (specifiable, 0 – 365) days.

    This report does not rely on the lastLogonTimestamp attribute, but in fact is based on True Last Logon in Active Directory and thus takes into values from all domain-controllers in the domain, delivering 100% accurate results.

    You can also instantly generate a customized, printable, ready-to-furnish report that documents the identity, status, title, description and last-logon time, of all such domain user accounts.

  8. All domain user accounts that have not logged on in the last few days

    This report lets you identify and document the list of all domain user accounts in an Active Directory domain, container or organizational unit, that have not logged on in the last few (specifiable, 0 – 365) days.

    This report does not rely on the lastLogonTimestamp attribute, but in fact is based on True Last Logon in Active Directory and thus takes into values from all domain-controllers in the domain, delivering 100% accurate results.

    This report can also be used to identify and document the list of all stale user accounts in an Active Directory environment.

    The staleness of a domain user account is generally relative and varies from organization to organization. For some organizations it may be 30 days, whereas for others it may be 180 days. With Gold Finger, you have the flexibility to define your own measure of staleness, and you can easily specify any value from 0 to 365 days.

  9. All domain user accounts that have never logged on

    This report lets you identify and document the list of all domain user accounts in an Active Directory domain, container or organizational unit, that have never logged on.

    This report does not rely on the lastLogonTimestamp attribute, but in fact is based on True Last Logon in Active Directory and thus takes into values from all domain-controllers in the domain, delivering 100% accurate results.

  10. All domain user accounts that have logged on at least once

    This report lets you identify and document the list of all domain user accounts in an Active Directory domain, container or organizational unit, that have logged on at least once.

    This report does not rely on the lastLogonTimestamp attribute, but in fact is based on True Last Logon in Active Directory and thus takes into values from all domain-controllers in the domain, delivering 100% accurate results.

  11. All domain user accounts that failed a logon attempt in the last few days

    This report lets you identify and document the list of all domain user accounts in an Active Directory domain, container or organizational unit, that failed a logon attempt in the last few (specifiable, 0 – 365) days.

    This report is also based on True Last Logon in Active Directory and thus takes into values from all domain-controllers in the domain, delivering 100% accurate results.

  12. All domain user accounts created in the last few days

    This report lets you identify and document the list of all domain user accounts in an Active Directory domain, container or organizational unit, that were created in the last few (specifiable, 0 – 365) days.

  13. All domain user accounts changed in the last few days

    This report lets you identify and document the list of all domain user accounts in an Active Directory domain, container or organizational unit, that were modified in the last few (specifiable, 0 – 365) days.

  14. All domain user accounts deleted in the last few days

    This report lets you identify and document the list of all domain user accounts in an Active Directory domain, container or organizational unit, that were deleted in the last few (specifiable, 0 – 60) days.

  15. All domain user accounts that have an expiration date

    This report lets you identify and document the list of all domain user accounts in an Active Directory domain, container or organizational unit, that have an expiration date set.

  16. All domain user accounts that do not have an expiration date

    This report lets you identify and document the list of all domain user accounts in an Active Directory domain, container or organizational unit, that do not have an expiration date set.

  17. All domain user accounts that expired in the last few days

    This report lets you identify and document the list of all domain user accounts in an Active Directory domain, container or organizational unit, that expired in the last few (specifiable, 0 – 365) days.

  18. All domain user accounts that will expire in the next few days

    This report lets you identify and document the list of all domain user accounts in an Active Directory domain, container or organizational unit, that are set to expire in the next few (specifiable, 0 – 365) days.

  19. All domain user accounts that do not require passwords to logon

    This report lets you identify and document the list of all domain user accounts in an Active Directory domain, container or organizational unit, that do not require passwords to logon.

  20. All domain user accounts that require passwords to logon

    This report lets you identify and document the list of all domain user accounts in an Active Directory domain, container or organizational unit, that do require passwords to logon.

  21. All domain user accounts whose passwords never expire

    This report lets you identify and document the list of all domain user accounts in an Active Directory domain, container or organizational unit, whose passwords never expire.

  22. All domain user accounts whose passwords do expire

    This report lets you identify and document the list of all domain user accounts in an Active Directory domain, container or organizational unit, whose passwords are set to expire.

  23. All domain user accounts whose password must be changed at next logon

    This report lets you identify and document the list of all domain user accounts in an Active Directory domain, container or organizational unit, whose password must be changed at next logon.

  24. All domain user accounts whose password was changed in the last few days

    This report lets you identify and document the list of all domain user accounts in an Active Directory domain, container or organizational unit, whose password was changed in the last few (specifiable, 0 – 365) days.

  25. All domain user accounts whose password has not changed in the last few days

    This report lets you identify and document the list of all domain user accounts in an Active Directory domain, container or organizational unit, whose password has not changed in the last few (specifiable, 0 – 365) days.

  26. All domain user accounts whose password is stored using reversible encryption

    This report lets you identify and document the list of all domain user accounts in an Active Directory domain, container or organizational unit, whose password is stored using reversible encryption.

  27. All domain user accounts for which DES encryption types are used

    This report lets you identify and document the list of all domain user accounts in an Active Directory domain, container or organizational unit, for which DES encryption types are used.

  28. All domain user accounts that require Smart cards for login

    This report lets you identify and document the list of all domain user accounts in an Active Directory domain, container or organizational unit, that require Smart cards for login.

  29. All domain user accounts that do not require Smart cards for login

    This report lets you identify and document the list of all domain user accounts in an Active Directory domain, container or organizational unit, that do not require Smart cards for login.

  30. All domain user accounts that are sensitive and cannot be delegated

    This report lets you identify and document the list of all domain user accounts in an Active Directory domain, container or organizational unit, that are sensitive and cannot be delegated for impersonation.

  31. All domain user accounts that are not sensitive and can be delegated

    This report lets you identify and document the list of all domain user accounts in an Active Directory domain, container or organizational unit, that are not sensitive and can be delegated for impersonation.

  32. All domain user accounts that require Kerberos pre-authentication

    This report lets you identify and document the list of all domain user accounts in an Active Directory domain, container or organizational unit, that require Kerberos pre-authentication.

  33. All domain user accounts that do not require Kerberos pre-authentication

    This report lets you identify and document the list of all domain user accounts in an Active Directory domain, container or organizational unit, that do not require Kerberos pre-authentication.

  34. All domain user accounts for which Kerberos name mappings are specified

    This report lets you identify and document the list of all domain user accounts in an Active Directory domain, container or organizational unit, for which Kerberos name mappings are specified.

  35. All domain user accounts for which Kerberos name mappings are not specified

    This report lets you identify and document the list of all domain user accounts in an Active Directory domain, container or organizational unit, for which Kerberos name mappings are not specified.

  36. All user accounts for which a user logon name is specified

    This report lets you identify and document the list of all domain user accounts in an Active Directory domain, container or organizational unit, for which a user logon name is specified.

  37. All user accounts for which a user logon name is not specified

    This report lets you identify and document the list of all domain user accounts in an Active Directory domain, container or organizational unit, for which a user logon name is not specified.

  38. All domain user accounts that can logon to any workstation

    This report lets you identify and document the list of all domain user accounts in an Active Directory domain, container or organizational unit, that can logon to any workstation.

  39. All domain user accounts that can only logon to specific workstations

    This report lets you identify and document the list of all domain user accounts in an Active Directory domain, container or organizational unit, that can only logon to specific workstations.

  40. All domain user accounts for which specific logon hours have not been specified

    This report lets you identify and document the list of all domain user accounts in an Active Directory domain, container or organizational unit, for which specific logon hours have not been specified.

  41. All domain user accounts for which specific logon hours have been specified

    This report lets you identify and document the list of all domain user accounts in an Active Directory domain, container or organizational unit, for which specific logon hours have been specified.

  42. All domain user accounts that can logon anytime

    This report lets you identify and document the list of all domain user accounts in an Active Directory domain, container or organizational unit, that can logon anytime.

  43. All domain user accounts for which a logon script is not specified

    This report lets you identify and document the list of all domain user accounts in an Active Directory domain, container or organizational unit, for which a logon script is not specified.

  44. All domain user accounts that have a photo uploaded

    This report lets you identify and document the list of all domain user accounts in an Active Directory domain, container or organizational unit, that have a photo uploaded.

  45. All domain user accounts that do not have a photo uploaded

    This report lets you identify and document the list of all domain user accounts in an Active Directory domain, container or organizational unit, that do not have a photo uploaded.

  46. All domain user accounts for which a home folder is not specified

    This report lets you identify and document the list of all domain user accounts in an Active Directory domain, container or organizational unit, for which a home folder is not specified.

  47. All domain user accounts for which a user profile is not specified

    This report lets you identify and document the list of all domain user accounts in an Active Directory domain, container or organizational unit, for which a user profile is not specified.

  48. All domain user accounts for which a description is not specified

    49. This report lets you identify and document the list of all domain user accounts in an Active Directory domain, container or organizational unit, for which a description is not specified.

  49. All domain user accounts for which a title is not specified

    50. This report lets you identify and document the list of all domain user accounts in an Active Directory domain, container or organizational unit, for which a title is not specified.

  50. All domain user accounts for which a department is not specified

    51. This report lets you identify and document the list of all domain user accounts in an Active Directory domain, container or organizational unit, for which a department is not specified.


50 Additional Reports

In addition Gold Finger also offers the following 50 general domain user account management reports –

  1. All domain user accounts for which a logon script is specified
  2. All domain user accounts for which a home folder is specified
  3. All domain user accounts for which a user profile is specified
  4. All domain user accounts for which a first name is specified
  5. All domain user accounts for which a first name is not specified
  6. All domain user accounts for which a surname is specified
  7. All domain user accounts for which a surname is not specified
  8. All user accounts for which a display name is specified
  9. All user accounts for which a display name is not specified
  10. All domain user accounts for which a description is specified
  11. All domain user accounts for which an office is specified
  12. All domain user accounts for which an office is not specified
  13. All domain user accounts for which an office telephone number is specified
  14. All domain user accounts for which an office telephone number is not specified
  15. All domain user accounts for which an email address is specified
  16. All domain user accounts for which an email address is not specified
  17. All domain user accounts for which a web page is specified
  18. All domain user accounts for which a web page is not specified
  19. All user accounts for which an address street is specified
  20. All user accounts for which an address street is not specified
  21. All user accounts for which an address post office box is specified
  22. All user accounts for which an address post office box is not specified
  23. All user accounts for which an address city is specified
  24. All user accounts for which an address city is not specified
  25. All user accounts for which an address state is specified
  26. All user accounts for which an address state is not specified
  27. All user accounts for which an address zip code is specified
  28. All user accounts for which an address zip code is not specified
  29. All user accounts for which an address country is specified
  30. All user accounts for which an address country is not specified
  31. All domain user accounts for which a home telephone number is specified
  32. All domain user accounts for which a home telephone number is not specified
  33. All domain user accounts for which a pager number is specified
  34. All domain user accounts for which a pager number is not specified
  35. All domain user accounts for which a mobile phone number is specified
  36. All domain user accounts for which a mobile phone number is not specified
  37. All domain user accounts for which a fax number is specified
  38. All domain user accounts for which a fax number is not specified
  39. All domain user accounts for which an IP phone number is specified
  40. All domain user accounts for which an IP phone number is not specified
  41. All domain user accounts for which notes have been annotated
  42. All domain user accounts for which notes have not been annotated
  43. All domain user accounts for which a title is specified
  44. All domain user accounts for which a department is specified
  45. All domain user accounts for which a manager is specified
  46. All domain user accounts for which a manager is not specified
  47. All domain user accounts for which a company is specified
  48. All domain user accounts for which a company is not specified
  49. All domain user accounts for which direct reports are specified
  50. All domain user accounts for which direct reports are not specified
  51. All domain user accounts whose primary group is Domain Users
  52. All domain user accounts whose primary group is not Domain Users

Account Management
Computer Management
Group Management
OU Management
Container Management
SCP Management
GPO Management
Exchange Management
Contact Management
Printer Management
Schema Management
Trust Management
AD ACL Management
Top-100 Reports

Top-100 Active Directory Reports



(Downloadable pdf)
Contact Us
Who We Are What We Do How We Protect You
Home

Copyright Paramount Defenses Inc. 2006 - 2011. All Rights Reserved.