ADLegacySensors 6.2.0.0026
Introduction: ADLegacySensors
Download Location
This content is available at: https://content.tanium.com/files/published/ADLegacySensors/2017-10-13_06-47-13_6.2.0.0026-g543e4aa/ADLegacySensors.xml
Usage
Sensors
Local Administrators Without Groups
Returns users (but not groups) who are members of the Local Administrators group on Windows. Will not list the individual members of groups in the Local Administrators group.
Example: Administrator
Logged in User Details
Provides various properties for users which are currently logged into the machine.
Example: CORP\john.doe | John Doe | [email protected]
Columns
Name Type Description Userid Text Full Name Text Email Address Text
Password Policy Details
Returns various data about a machines externally or locally defined Password Policy.
Example: maximum age | minimum age | enforced history | minimum length | lockout duration | lockout threshold | lockout observation window
Columns
Name Type Description Maximum Password Age Text Minimum Password Age Text Enforced Password History Text Minimum Password Length Text Lockout Duration Text Lockout Threshold Text Lockout Observation Window Text
Last Date of Local Administrator Login
Provides the last time a local administrator logged into the machine.
Example: Administrator 2014-5-12
Columns
Name Type Description Account Name Text Last Login Date Text
Local Administrators
Returns users and groups who are members of the Local Administrators group on Windows. Will not list the individual members of groups in the Local Administrators group.
Example: Administrator
AD Site Name
Gets associated AD site name for the NetLogon service DynamicSiteName registry string value.
Example: Default-First-Site-Name
AD User Groups
Any Active Directory groups that the currently logged in user is a member of.
Example: CN=Domain Admins,CN=Users,DC=corp,DC=com
AD Computer Groups
All computer groups (if any) that a computer is a member of in Active Directory.
Example: Berkeley Workstations
Cached AD Logins
Returns information on AD accounts which are logged in using cached credentials.
Example:john.doe Cached - RDP
Columns
Name Type Description User Text Type Text