Paramount Defenses Company | Leadership | Products | Solutions | Partners | Privileged Access Insight | Support | News | Careers | Blog | Contact 100%
Gold Finger
for Active Directory  
Gold Finger
| Security
Audit Tool
| Membership
Reporting Tool
| Token-Size
| ACL Viewer
& Exporter
| Permissions
| Effective Permissions 
& Access Calculator
| Administrative Access 
& Delegation Audit Tool
| Gold Finger
| Golden

Active Directory Security Audit Tool

The world's most trustworthy Active Directory Security Audit Tool

How  can Active Directory Admins and Auditors easily -
  1. Audit Active Directory Security
  2. Gain Insights into User-Logon Activity
  3. Audit and Document Active Directory Contents
  4. Inventory Active Directory, including for Toxic Conditions

    Answer:  Perform an Active Directory Security Audit

Our Active Directory Security Audit Tool empowers organizations to easily and trustworthily
fulfill their cyber security, audit and compliance driven Active Directory security audit needs.

Active Directory Security Audit Tool

Gold Finger Active Directory Security Audit Tool

Sample Output Sample Output

"We are very pleased to see Paramount Defenses, a valued Microsoft partner, offer an innovative security solution (in Gold Finger) that helps enhance security and compliance in Active Directory environments."

– Charles Coats, Senior Product Manager,
Identity and Security Business Group


Organizations worldwide have a need to be able to audit the contents and state of their foundational Active Directory deployments to maintain security and demonstrate regulatory compliance.

Active Directory Security Audit Reports

Our Gold Finger Active Directory Security Audit Tool was designed to empower organizations fulfill this exact need.

It can instantly, accurately and trustworthily audit

  • All domain user accounts (e.g. active, inactive, locked, expired, custom LDAP filtered, administrative)
  • All domain computer accounts (e.g. DCs, active, inactive, operating system, trusted for delegation)
  • All domain security groups (e.g. builtin, domain local, global, universal, empty, administrative)
  • All organizational Units (OUs), service connection points, print-queues, contacts, quotas etc.
  • True last-logon times for all domain user and computer accounts, and the authenticating DC

In fact, only Gold Finger is designed by former Microsoft Program Manager for Active Directory Security, endorsed by Microsoft
and trusted by the world's top organizations. It is the world's most capable, valuable and trustworthy Active Directory Audit Tool.

Technical Features

Gold Finger embodies innovative features designed to help organizations effortlessly perform Active Directory Security Audits –

  1. 100 Built-in Reports – Instantly generate 100+ essential ready-to-generate Active Directory security audit reports
  2. Custom LDAP Filters – Customize any built-in report by specifying an LDAP filter of your choice (e.g. (title=C*O))
  3. LDAP Filter Library – Define and use a custom LDAP filter library to easily generate a repeatable set of audit reports
  4. Scope and Depth Control – Target any scope (domain, OU, container etc.) and optionally restrict scope up to 10 levels
  5. DC Specific Analysis and Alternate Credential Use – Target any Domain Controller, as well as use alternate credentials
  6. True Last Logon Reports – Generate 9 True Last-logon reports based on non-replicated lastLogon attribute from all DCs
  7. Last Logon DC Identification – Identify the DC that authenticated the actual last logon of any user or computer account
  8. Data Exports – Instantly export data from Active Directory (domain, OU etc.), including based on custom LDAP filters
  9. Professional-grade PDF Report Generation – Generate fully customizable, ready-to-furnish professional-grade PDF reports
  10. PDF Report Customization – Customize the heading, description and fields of PDF reports, and add an organizational logo
Real-World Examples

The following are some real-world examples that illustrate the capabilities of our Gold Finger Active Directory Security Audit Tool –

  1. Identify all domain user accounts in Active Directory, including their state, status (active/stale) and last-logon times.
  2. List all domain computer accounts in Active Directory, including their operating system, status and DNS name.
  3. Enumerate all domain security groups in Active Directory, including their type and other details.
  4. Enumerate the entire contents (accounts, groups etc.) of any Organizational Unit (OU) in Active Directory.
  5. Identify all accounts and groups that are considered/marked as administrative by Active Directory.
  6. Enumerate the list of all active and inactive domain user accounts (based on True Last Logon ).
  7. Identify all computer accounts that are trusted for unconstrained delegation in Active Directory.
  8. Identify all accounts based on a specific criteria such as a combined value of Title and a custom defined attribute Division.
  9. View the details of the CEO's domain user account, easily export them to a CSV file, or generate a professional-grade PDF report.
  10. Generate a professional-grade audit report in PDF format that lists all Active Directory user accounts, including their state and status.
Benefits and Solutions

Our Gold Finger Active Directory Security Audit Tool delivers the following valuable and measurable benefits –

  1. Instantly, easily and trustworthily perform a complete or custom inventory of Active Directory content.
  2. Easily audit, export and document the state, status and settings of any, some or all resources stored in Active Directory.
  3. Efficiently, cost-effectively and trustworthily fulfill all basic and essential Active Directory security audit requirements.
  4. Easily gain valuable visibility into vital Active Directory content and perform an Active Directory recon without admin rights.
  5. Effortlessly generate Active Directory security audit reports to fulfill regulatory compliance and cyber security reporting needs.
  6. Obtain 365-24-7, on-demand, real-time insight into the security state of all vital IT resources and content stored in Active Directory.

In addition, Gold Finger also helps organizations implement 5 essential cyber security solutions for –

1. Active Directory Security 3. Attack Surface Reduction 5. Audit and Compliance
2. Privileged Access Audit 4. Insider Threat Protection

As such, only Gold Finger's unique capabilities empower organizations worldwide to fulfill all their Active Directory audit
(i.e. security, membership, permissions, effective permissions/access and effective privileged access audit) needs.

Gold Finger is the Gold Standard for Active Directory Audit Tools in capability, value and trustworthiness.


The following short video demonstrates Gold Finger's helpful Active Directory security audit and reporting capabilities in action –

For optimal viewing, you may want to use the Settings icon above to set the Quality to 720p HD. You can also click the Full Screen icon to view the video in full screen.

Requirements, Licensing and Pricing

The tool can be instantly downloaded, installed and run on any Windows computer in under 2 minutes. Its use does not require any admin privileges or any changes to Active Directory. See FAQ.

The tool can be licensed on a short-term (weekly, monthly, quarterly) as well as a long-term (annual) basis. Short-term licenses are ideal for independent consultants and small projects and long-term licenses are ideal for long-term organizational use. A 1-week, 1-user license for use in 1 domain starts at just US $99 and can be instantly purchased by clicking the Buy Now button below.

"We use the Gold Finger from Paramount Defenses to fulfill our Active Directory Audit needs. It saves us a lot of time and effort and we would recommend it to anyone who needs to perform Active Directory audits trustworthily and cost-effectively. Great product, great support."

– Sean Seeliger, Architect

Gold Finger Mini Gold Finger Mini
Group Membership Reporting Tool Group Membership Reporting Tool

Our Global Customers - Cyber Security Thought Leaders
Who We Are What We Do How We Protect You