ADQuery 1.0.0.0022
Introduction: ADQuery
Download Location
This content is available at: https://content.tanium.com/files/published/ADQuery/2016-08-01_08-44-13_1.0.0.0022-g8833e7f/ADQuery.xml
Usage
Questions
Has Stale AD Admin Accounts
Get Target from all machines with Has Stale AD Admin Accounts[4] containing "true"
Packages:
Has Stale AD Computer Attributes
Get Target from all machines with Has Stale AD Attributes[4] containing "true"
Packages
Get AD Computer Attributes
This package contains 1 files and 0 sensors.
Additional Properties:
- Command Line: cmd /c cscript //T:60 get_ad_comp_attr.vbs
- Command Line Timeout: 60
Files:
- get_ad_comp_attr.vbs
Get AD Local Administrators
This package contains 1 files and 0 sensors.
Additional Properties:
- Command Line: cmd /c cscript //T:60 GenerateAdminList.vbs
- Command Line Timeout: 60
Files:
- GenerateAdminList.vbs
Sensors
AD Local Administrators
Retrieves Active Directory computer attributes from the Tools\AdQuery\adminUsers.dat file.
Parameters
Name Description Type Possible / Default Values type Admin Type Selection Domain
Local
All
Has Stale AD Admin Accounts
Returns True or False based on user provided number of hours the Tools\AdQuery\adminUsers.dat file should be considered stale. Compares the current time against the time the dat file was created. Default is 4 hours.
Parameters
Name Description Type Possible / Default Values threshold Hours Difference Numeric 4
AD Computer Attributes
Retrieves Active Directory computer attributes from the Tools\AdQuery\compAttr.dat file.
Parameters
Name Description Type Possible / Default Values type Attribute Type Selection Mandatory
Optional
attr Attribute Name Text
Has Stale AD Attributes
Returns True or False based on user provided number of hours the Tools\AdQuery\compAttr.dat file should be considered stale. Compares the current time against the time the dat file was created. Default is 4 hours.
Parameters
Name Description Type Possible / Default Values threshold Hour Difference Numeric 4
Actions
Deploy Get AD Computer Attributes
Packages:
Deploy Get AD Local Administrators
Packages: