立即与支持人员聊天
与支持团队交流

Enterprise Reporter 3.5.1 - Report Library

Enterprise Reporter Report Library

This document contains a list of the reports in the Quest® Enterprise Reporter Report Library.

 

Active Directory Reports

 

Account Expiration Date

Shows the account expiration date for the selected accounts. Contains parameters to select the domains, organizational units, and accounts to be included in the report.

Account Operators

Shows the members of the account operators group for the selected domains. Contains a parameter to select the domains to be included in the report.

Accounts that can change any property of any user in the selected domains

Shows accounts that can change any property of any user in the selected domains. Includes any accounts that are permissioned through group membership. Contains a parameter to select the domains to be included in the report. You may also set the maximum recursion depth for this report.

The folder level value will start from zero.
Examining the path of C:\FolderA\FolderB,
C:\ is 0 levels deep.
FolderA is 1 level deep.
FolderB is 2 levels deep.

Accounts that can change group membership of any group in the selected domains

Show accounts that can change group membership of any group in the selected domains. Includes accounts that are permissioned through group membership. Contains a parameter to select the domains to be included in the report. You may also set the maximum recursion depth for this report.

Accounts Where SID History Attribute Contains SID From Same Domain

Shows accounts whose SID History attribute contains an SID of another object in the same domain. Includes a parameter to select the domains and Organizational Units to be included in the report.

Active Directory Permissions

Shows all Active Directory permissions for the selected domains and Active Directory objects. Contains parameters to select the domains, organizational units, object types, objects, and accounts to be included in the report. Also includes the option to filter inherited or explicit permissions.

Active Directory Permissions for Account

Shows the Active Directory permissions for an account, including permissions derived through group membership. Contains parameters to select the account, domains, organizational units, object types, and objects to be included in the report. Also includes the option to filter inherited or explicit permissions.

Active Directory Permissions for Account with Membership

Shows the Active Directory permissions for an account, including permissions derived through group membership. If you choose to include nested groups, membership of the groups is displayed. Contains parameters to select the account, domains, organizational units, object types, and objects to be included in the report. Also includes the option to filter inherited or explicit permissions.

All Accounts

Shows accounts of all types including trust accounts and InetOrgPerson accounts. Contains parameters to select the domains and account type to be included in this report.

All Names for Active Directory Users

Shows all the Active Directory names for the selected user accounts. Contains parameters to select the domains, organizational units and accounts to be included in the report.

Circular Nested Domain Groups

Shows information about groups which recursively contain themselves for the selected domains. Contains a parameter to select the domains to be included in the report.

Disabled Accounts

Shows all the disabled accounts for the selected domains. Contains a parameter to select the domains to be included in the report.

Domain Accounts

Shows all the domain accounts for the selected domains. Contains parameters to select the domains, organizational units, accounts, and account scopes to be included in the report.

Domain Computer Information

Shows the domain computer information in selected domains. Contains parameters to select the domains, organizational units, and computers to be included in the report.

Domain Controller Information

Shows domain controller information for the selected domains. Contains parameters to select the domains, domain controllers, and organizational units to be included in the report.

Domain Groups

Shows all the domain groups for the selected domains. Contains parameters to select the domains, organizational units, domain groups, and group scopes to be included in the report. Also contains the option to include only security enabled groups.

Domain Groups and Members

Shows the group membership for the selected domains and groups. Contains parameters to select the domains, organizational units, and domain groups to be included in the report. Contains a parameter to include nested group memberships and options on how they are displayed in the report. For more information, see the Expand Nested Groups Parameter topic in the Quest Enterprise Reporter Report Manager User Guide in the Technical Documentation.

Foreign groups only appear if they were included in the applicable discovery. For more information, see the Quest Enterprise Reporter Configuration Manager User Guide in the Technical Documentation.

 

Domain Groups with Probable Owners

Shows the domain groups for the selected domains and suggests the account that manages the highest percentage of members of each group as the probable group owner. Contains a parameter to select the domains to be included in the report.

Domain Groups without Members

Shows all the domain groups which do not have any members. Contains parameters to select the domains, organizational units, and domain groups to be included in the report.

Domain Sites

Shows all the sites for the selected domains. Contains parameters to select the domains and sites to be included in the report.

Domain Summary

Shows a domain summary for the selected domains. Summary information is only available if Active Direct discovery collections that include object counts for the selected domains have been completed. Contains parameters to select the domains and organizational units to be included in the report.

Domain Trusts

Shows all the trust relationships for the selected domains. Contains parameters to select the domains and trusts to be included in the report.

Domain Users

Shows all the domain users for the selected domains. Contains parameters to select the domains, organizational units, and accounts to be included in the report. Also contains the options to include only disabled or only locked domain user accounts.

Domain Users at Risk

Shows the users who match one or more of the selected risk factors and therefore may pose a security risk in the selected domains. Includes a summary of risk factors used as criteria for this report. Contains parameters to select the domains to be included in the report. Also contains the option to include users that:

Domain Users with Recent Logons

Shows users in the selected domains who have logged on in the selected time frame. Contains parameters to select the domains, organizational units, and users to be included in the report. Also contains the option to include users that have logged on in the past _ days.

Domain Users without Recent Logons

Shows users in the selected domains who have not logged on in the selected time frame. Contains parameters to select the domains, organizational units, and users to be included in the report. Also contains the option to include users that have not logged on in the past _ days.

Group Managed Service Accounts and Members

Shows all the group managed service accounts and their members for the selected domains. If you choose to include nested groups, membership of the group members is displayed. Contains parameters to select the domains, organizational units, and group managed service accounts to be included in the report.

Group Member Comparison

Shows the direct and indirect users that are members of the selected groups. Contains parameters to select up to 5 groups.

Group Membership by Domain Account

Shows all groups to which the selected domain accounts belong. Contains parameters to select the domains, organizational units, and accounts to be included in the report.

Group Membership Comparison

Compares the direct and indirect group memberships of the selected accounts. Contains parameters to select up to 5 accounts.

Locked Out Accounts

Shows all the locked out accounts for the selected domains.Contains a parameter to select the domains to be included in the report.

Managed Service Accounts

Shows all the managed service accounts for the selected domains. Contains parameters to select the domains, organizational units, and managed service accounts to be included in this report.

Managed Service Accounts and Members

Shows all the managed service accounts and their members for the selected domains. Contains parameters to select the domains, organizational units, and managed service accounts to be included in this report.

Member Servers

Shows the member server information for the selected domains.Contains parameters to select the domains and organizational units to be included in the report.

Published Printer Information

Shows published printer information for the selected domains.Contains parameters to select the domains and printers to be included in the report.

Published Share Information

Shows published share information for the selected domains. Contains parameters to select the domains and shares to be included in the report.

Recursive Group Membership by Domain Account

Shows recursive group membership for the selected domain accounts. Contains parameters to select the domains, organizational units, and accounts to be included in the report.

Remote Access Profile (RAS) Information

Shows RAS information for the selected user accounts. Contains parameters to select the domains, organizational units, and accounts to be included in the report.

Remote Control Settings Information

Shows terminal services remote control settings of the users for the selected domains. Contains parameters to select the domains, organizational units, and accounts to be included in the report.

Resultant Kerberos Configuration for Domains

Shows the resultant Kerberos GPO configuration for selected domains. Includes a parameter to select the domains to be included in the report.

Terminal Services Profile Information

Shows terminal services profile information of the users for the selected domains. Contains parameters to select the domains, organizational units, and accounts to be included in the report.

Users At Risk Of Token Bloat

Shows the users who are at risk of token bloat in the selected domains. You can select the number of security groups permitted for users in these domains. This report will only include groups from your selected domains. Contains a parameter to select the domains to be included in the report.

Users Not Logged On In The Past 30 Days

Shows users in the selected domains who have not logged on in the past 30 days. Contains a parameter to select the domains to be included in the report.

User That Have Never Logged On

Shows users in the selected domains who have never logged on. Contains a parameter to select the domains to be included in the report.

Users with An Exchange Mailbox

Shows Active Directory Users that have an Exchange mailbox as set by the Active Directory Connector. Contains parameters to select the domains, organizational units, and accounts to be included in the report.

Health Check | Active Directory

 

Accounts Where SID History Attribute Contains SID From Same Domain

Shows accounts whose SID History attribute contains an SID of another object in the same domain. Includes a parameter to select the domains and Organizational Units to be included in the report.

Active Directory Permissions - Dangerous permissions delegated

Shows all Active Directory permissions for the selected domains and Active Directory objects. These permissions can be used to attack Active Directory. For information about attack types, see https://attack.mitre.org/mitigations/M1015/

Active Directory Permissions - Domain Controller Owners

Shows all Active Directory permissions for the selected domains and Active Directory objects. The Domain Administrators group or the Enterprise Administrators group are set as owners for domain controllers. For details, see Privileged Account Management at https://attack.mitre.org/mitigations/M1026/

Active Directory Permissions for Account (Everyone)

Shows the Active Directory permissions for an account, including permissions derived through group membership. (Excluding Deny Permissions and Change Password permissions).

Active Directory Summary

Shows the summary of Active Directory Users and Groups for the selected domains. Contains a parameter to select the domains to be included in the report.

AdminSDHolder Permissions

Shows all Active Directory permissions for the selected domains and Active Directory objects. For more information see Protected Accounts and Groups in Active Directory at https://docs.microsoft.com/en-us/windows-server/identity/ad-ds/plan/security-best-practices/appendix-c--protected-accounts-and-groups-in-active-directory and Active Directory Configuration at https://attack.mitre.org/mitigations/M1015/

Domain Accounts (Users and Groups) with SID History Attribute not empty

Shows all the domain accounts for the selected domains which can leave accounts open to Access Token Manipulation: SID-History Injection attacks. Adversaries can use SID-History Injection to escalate privileges and bypass access controls. For details, see https://attack.mitre.org/techniques/T1134/005/

Domain Controllers by Site Name

Shows the domain controller per site for the selected domains. Contains parameters to select the domains and sites to be included in the report.

Domain Controllers with Global Catalog by Site Name

Shows the domain controller with global catalog per site for the selected domains. Contains parameters to select the domains and sites to be included in the report.

Domain Functional Level

Shows the domain functional level for the selected domains. Contains a parameter to select the domains to be included in the report.

Domain Groups and Members (Pre-Windows 2000 Compatible Access)

Shows the group memberships for the selected domains and groups. If you include nested groups, the membership of the groups is displayed. For details, see https://docs.microsoft.com/en-us/openspecs/windows_protocols/ms-adts/7a76a403-ed8d-4c39-adb7-a3255cab82c5?redirectedfrom=MSDN and Exploitation of Remote Services https://attack.mitre.org/techniques/T1210/

Domain NetBIOS Name

Shows domain NetBIOS name for the selected domains. Contains a parameter to select the domains to be included in the report.

Domain Sites without a Domain Controller

Shows domain sites that do not contain a domain controller for the selected domains. Contains a parameter to select the domains to be included in the report.

Domain Sites without a Global Catalog

Shows domain sites that do not contain a global catalog for the selected domains. Contains a parameter to select the domains to be included in the report.

FSMO Role Holders by Forest

Shows flexible single master operation (FSMO) role holders for the selected forests. Contains parameters to select the forests and domains to be included in the report.

Number of Domain Controllers

Shows the number of domain controllers for the selected domains. Contains a parameter to select the domains to be included in the report.

Number of Domains per Forest

Shows the number of domains for the selected forests. Contains a parameter to select the forests to be included in the report.

OU Structure

Shows the OU structure for the selected domains. Contains a parameter to select the domains to be included in the report.

Read-Only Domain Controllers

Shows read-only domain controllers for the selected domains. Contains a parameter to select the domains to be included in the report.

Size of Active Directory Database

Shows the size of the Active Directory database for the selected computers. Contains parameters to select the domain and organizational units to be included in the report.

Health Check | Computer

 

Computer Services on Domain Controllers (Print Spooler)

Shows information about the services for the selected computers. (Enterprise Reporter Windows Server License must be available). More details at https://adsecurity.org/?p=4056

Disabled Computer Accounts

Shows disabled computer accounts for the selected domains. Contains parameters to select the domains and organizational units to be included in the report.

Domain Computers by Operating System

Shows domain computers per operating system for the selected domains. Contains parameters to select the domains, organizational units, and operating systems to be included in the report.

Domain Computers Having Constrained Delegation

Shows domain computers for selected domains that have constrained delegation.

Domain Computers Having SID History

Shows domain computers for selected domains that have some value specified in SID History attribute.

Domain Computers Having Unconstrained Delegation

Shows domain computers for selected domains having unconstrained delegation.

Domain Computers whose sAMAccountName Does Not End In a Dollar Sign

Shows domain computers for selected domains whose sAMAccountName does not end in a a Dollar Sign.

Health Check | Group

 

Domain Groups with Duplicate Display Names

Shows domain groups with duplicate display names in the selected domains. Contains a parameter to select the domains to be included in the report.

Domain Groups with Only One Member

Shows domain groups with only one member for the selected domains. Contains a parameter to select the domains to be included in the report.

Domain Groups without a Display Name

Shows domain groups without a display name for the selected domains. Contains a parameter to select the domains to be included in the report.

Privileged Domain Groups and Members

Shows the group memberships for the selected domains and groups. These privileged groups should have as few members as possible. DNSAdmins should have no members. If you include nested groups, the membership of the groups is displayed. For details, see Privileged Account Management https://attack.mitre.org/mitigations/M1026/

SID History Auditing Group available in Domain (Migration in Progress)

Shows if a SID History auditing group has been created in the domain.

Health Check | User

 

Active Directory Permissions - Delegations for Accounts that cannot be resolved

Shows all active directory permissions for the selected domains and active directory objects. These permissions can be used for attacks. For details, see Active Directory Configuration https://attack.mitre.org/mitigations/M1015/

Built-in AD Administrator Account Usage

Shows native Administrator account in selected domains who have logged in selected timeframe.

Disabled Accounts

Shows disabled accounts for the selected domains. Contains parameters to select the domains and organizational units to be included in the report.

Domain User Accounts that are Sensitive and Cannot be Delegated

Shows all domain user accounts for selected domains that cannot be delegated.

Domain Users that will Expire in Next (N) Days

Shows domain users that will expire in next N days for the selected domains. Contains parameters to select the domains and the number of days to be included in the report.

Domain Users who do not require a password

Shows all domain users for selected domains who do not require a password.

Domain Users who do not require Kerberos Pre-Authentication

Shows all domain users for selected domains where the account is configured with the "Do not require Kerberos pre-authentication" option. Kerberos pre-authentication is a security feature which offers protection against password-guessing attacks. When you do not enforce pre-authentication, a malicious attacker can directly send a dummy request for authentication.

Domain Users with Duplicate Display Names

Shows domain users with duplicate display names in the selected domains. Contains a parameter to select the domains to be included in the report.

Domain Users with Duplicate Email Addresses

Shows domain users with duplicate email addresses in the selected domains. Contains a parameter to select the domains to be included in the report.

Domain Users with weak DES encryption enabled

Shows all domain users for selected domains that have weak DES encryption enabled. DES is considered weak cryptography and is no longer enabled by default in Kerberos authentication.

Domain Users without a Display Name

Shows domain users without a display name for the selected domains. Contains parameters to select the domains and organizational units to be included in the report. Also contains the options to include only disabled or only locked domain user accounts.

Domain Users without a First Name

Shows domain users without a first name for the selected domains. Contains parameters to select the domains and organizational units to be included in the report. Also contains the options to include only disabled or only locked domain user accounts.

Domain Users without a Last Name

Shows domain users without a last name for the selected domains. Contains parameters to select the domains and organizational units to be included in the report. Also contains the options to include only disabled or only locked domain user accounts.

Exchange Mailbox Users with Duplicate Display Names

Shows exchange mailbox users with duplicate display names in at least two selected domains. Contains a parameter to select the domains to be included in the report.

Exchange Mailbox Users without a Display Name

Shows Active Directory users without a display name that have an Exchange mailbox. Contains parameters to select the domains, organizational units, and accounts to be included in the report.

Expired Accounts

Shows expired accounts for the selected domains. Contains a parameter to select the domains to be included in the report.

Golden Ticket Mitigation - Last Password Change for krbtgt account

Shows user password information for the krbtgt account. Attackers who have the krbtgt account password hash can forge Kerberos ticket-granting tickets (TGT), also known as a golden ticket. Golden tickets enable adversaries to generate authentication material for any account in Active Directory.

Privileged Accounts that are Sensitive and Cannot be Delegated

Shows all privileged accounts for selected domains that are configured with the "Account is sensitive and cannot be delegated" option.

Privileged Accounts that have Not Logged In

Shows privileged accounts in selected domains having unchanged passwords and have not logged in.

Privileged Accounts Vulnerable to the Kerberoast Attack

Shows all privileged user accounts that are vulnerable to the Kerberoast attack. Kerberoasting is an attack technique that attempts to crack the password of a service account within the Active Directory.

Privileged Accounts with Unchanged Passwords that Logged In

Shows privileged accounts in selected domains having unchanged passwords and have logged in.

User Account(s) that have Constrained Delegation

Shows all the domain users for the selected domains that have TRUSTED_FOR_AUTH_DELEGATION enabled. For details, see https://docs.microsoft.com/en-us/troubleshoot/windows-server/identity/useraccountcontrol-manipulate-account-properties

User Account(s) that have Unconstrained Delegation

Shows all the domain users for the selected domains that have TRUSTED_FOR_DELEGATION enabled. For details, see https://docs.microsoft.com/en-us/troubleshoot/windows-server/identity/useraccountcontrol-manipulate-account-properties

Users That Cannot Change the Set Password

Shows users that cannot change the set password for the selected domains. Contains parameters to select the domains and organizational units to be included in the report.

Users with Password Set to Never Expire

Shows users with password set to never expire for the selected domains. Contains parameters to select the domains and organizational units to be included in the report.

Migration Assessment

 

Detailed Computer Information for Migration

Shows detailed information for the selected computers. The report includes the following sections to assist with migration efforts: for Local Groups, Local Administrators, Installed Software, Services, User Profiles, Shares and IP Addresses.

Note: Computer detail information is only available if Computer and Active Directory collections that include the selected computers have been completed.

Contains parameters to select the domains and computers to be included in the report.

Duplicate Domain Computers

Shows duplicate computers in the selected domains. Two or more domains must be specified. Contains a parameter to select the domains to be included in the report.

Duplicate Domain Groups

Shows duplicate groups in the selected domains. Two or more domains must be specified. Contains a parameter to select the domains to be included in the report.

Duplicate Domain Users

Shows duplicate users in the selected domains. Two or more domains must be specified. Contains a parameter to select the domains to be included in the report.

QMM Matching Computers

Shows computers that have been migrated (using Quest Migration Manager) from the selected source domain into the selected target domain by comparing the Object GUID of the source computer to the Extension Attribute 15 of the target computer. Contains parameters to select the source domain and the target domain for this report.

QMM Matching Groups

Shows groups that have been migrated (using Quest Migration Manager) from the selected source domain into the selected target domain by comparing the Object GUID of the source group to the Extension Attribute 15 of the target group. Contains parameters to select the source domain and the target domain for this report.

QMM Matching Users

Shows users that have been migrated (using Quest Migration Manager) from the selected source domain into the selected target domain by comparing the Object GUID of the source user to the Extension Attribute 15 of the target user. Contains parameters to select the source domain and the target domain for this report.

Passwords

 

Accounts that can change or reset password for any user in the selected domains

Shows accounts that can change or reset the password of any user in the selected domains. Includes any accounts that are permissioned through group membership. Contains a parameter to select the domains to be included in the report. You may also set the maximum recursion depth for this report.

The folder level value will start from zero.
Examining the path of C:\FolderA\FolderB,
C:\ is 0 levels deep.
FolderA is 1 level deep.
FolderB is 2 levels deep.

Domain Users with Changed Passwords

Shows all domain users who have changed their password in the selected time frame for the selected domains. Contains parameters to select the domains, organizational units, and users to be included in the report. Also contains the option to include users with passwords that have changed in the past _ days.

Domain Users with Expired Passwords

Shows all users with expired passwords for the selected domains. Contains parameters to select the domains, organizational units, and users to be included in the report.

Domain Users with Older Passwords

Shows all the users who have not changed their password in the selected time frame for the selected domains. Contains parameters to select the domains, organizational units, and users to be included in the report. Also contains the option to include users with passwords older than _ days.

Last Password Change and Logon for Domain Computers

Shows the last password change and last logon for computers in the selected domains. Contains parameters to select the domains, organizational units, and computers to be included in the report.

User Password Information

Shows user password information for the selected domains. Contains parameters to select the domains, organizational units, domain users, and accounts to be included in the report.

 

 

Azure Reports

 

Table 2. Azure Reports

Azure Active Directory

 

Azure Active Directory Application Information

Shows all the applications for the selected tenants. Contains parameters to select the tenants and applications to be included in the report. Also contains a parameter to include only native applications.

Azure Active Directory Application Permissions

Shows the application permissions for the selected tenants. Contains parameters to include tenants and applications to be included in the report. Also contains a parameter to include only native applications.

Azure Active Directory Application Service Principals

Shows all the applications for the selected tenants. Contains parameters to include the tenants, applications, and service principals to be included in the report.

Azure Active Directory Contact Information

Shows all the contacts for the selected tenants. Contains parameters to select tenants and contacts to be included in the report. Also contains a parameter to include only contacts connected with on-premises Active Directory.

Azure Active Directory Deleted Users

Shows deleted users for the selected tenants. Contains a parameter to select the tenants to be included in the report.

Azure Active Directory Device Information

Shows all devices for the selected tenants. Contains parameters to select tenants and devices to be included in the report. Also contains a parameter to include only devices connected with on-premises Active Directory.

Azure Active Directory Domain Information

Shows all the domains for the selected tenants. Contains parameters to select tenants and domains to be included in the report. Also contains a parameter to include only verified domains.

Azure Active Directory Group Information

Shows all the groups for the selected tenants. Contains parameters to select tenants and groups to be included in the report. Also contains a parameter to include only groups connected with on-premises Active Directory.

Azure Active Directory Group Membership for Identity

Shows all groups to which the selected entities belong. Contains parameters to select the tenants and identities to be included in the report.

Azure Active Directory Groups and Members

Shows the group memberships for the selected tenants. If you choose to include nested groups, membership of the groups is displayed. Contains parameters to select the tenants and groups to be included in the report.

Azure Active Directory Groups Connected with On-Premises Active Directory

Shows all the Azure Active Directory groups whose identity information is synchronized with on-premises directories for the selected tenants. Contains parameters to select tenants and groups to be included in the report.

Azure Active Directory Groups with Dynamic Membership

Shows all the groups with dynamic memberships for the selected tenants. Contains parameters to select tenants and groups to be included in the report.

Azure Active Directory Identities

Shows all the Azure identities for the selected tenants. Contains parameters to select tenants and identity types to be included in the report.

Azure Active Directory Identities with Connected On-Premises Status

Shows the on-premises connection status for the selected identities, identity types, and tenants. Contains parameters to select tenants, identities, and identity types to be included in the report.

Azure Active Directory Microsoft 365 Groups

Shows all the Microsoft 365 groups for the selected tenants. Contains parameters to select tenants and groups to be included in the report.

Azure Active Directory Orphaned Groups

Shows groups without owners for the selected tenants. Contains parameters to select tenants and groups to be included in the report.

Azure Active Directory Privileged Roles for User

Shows the assigned roles for the selected users. Contains parameters to select tenants and users to be included in the report.

This report displays role names that differ from those displayed in the Azure portal.

Azure Active Directory Roles and Members

Shows all the roles and their members for the selected tenants. Contains parameters to select tenants and roles to be included in the report.

This report displays role names that differ from those displayed in the Azure portal.

Azure Active Directory Security Groups

Shows all the security groups for the selected tenants. Contains parameters to select tenants and groups to be included in the report.

Azure Active Directory Service Principal Assignments with Members

Shows the service principal assignments for the selected tenants. If you choose to include nested groups, membership of the assignment is displayed. Contains parameters to select the tenants and service principals to be included in the report. Also contains a parameter to include nested group memberships and options for how they are displayed in the report.

Azure Active Directory Service Principals

Shows all the service principals for the selected tenants. Contains parameters to select the tenants and service principals to be included in the report. Also contains a parameter to include service principals with a registered application on the tenant.

Azure Active Directory Summary

Shows a summary information with statistics for the selected tenants. Contains a parameter to select the tenants to be included in the report. Each tenant includes a table summarizing the number of users, groups, contacts, and service principals as well as statistics for Azure, users, groups, roles, and application service principals.

Azure Active Directory User Devices

Shows all the users and their devices for the selected tenants. Contains parameters to select tenants and users to be included in the report.

Azure Active Directory User Information

Shows all the users for the selected tenants. Contains parameters to select tenants and users to be included in the report. Also contains parameters to include only enabled users or only users connected with on-premises Active Directory.

Azure Active Directory Users Connected with On-Premises Active Directory

Shows all Azure Active Directory users whose identity information is synchronized with on-premises directories for the selected tenants. Contains parameters to select tenants and users to be included in the report.

Azure Active Directory Users Flagged for Risk

Shows all the users for the selected tenants that are flagged as at risk. Contains parameters to select the tenants, risks updated within the past (N) days, and risk levels to be included in the report.

Azure Active Directory Users with Multi-Factor Authentication Information

Shows users with multi-factor authentication information for the selected tenants. Contains parameters to select the tenants, users, and multi-factor authentication statuses to be included in the report.

Azure Global Administrators with Multi-Factor Authentication Disabled

Shows global administrators that do not have multi-factor authentication enabled or enforced on the selected tenants. Contains a parameter to select the tenants to be included in the report. Contains hidden parameters to include, by default, company administrators and users with multi-factor authentication status set to disabled.

Azure Managers with Direct Reports

Shows all the direct reports for the selected managers. Contains parameters to select the tenants and Azure managers to be included in the report.

Azure Tenant Information

Shows general information for the selected tenants. Contains a parameter to select tenants to be included in the report.

Azure Tenant Password Reset Policies

Shows password reset policy information for the selected tenants. Contains parameters to select the tenants to be included in the report.

Azure Tenant User Settings

Shows Azure tenant level user settings for selected tenants. Contains a parameter to select tenants to be included in the report.

Circular Nested Azure Active Directory Groups

Shows information about groups which recursively contain themselves for the selected Azure tenants. Contains a parameter to select the tenants to be included in the report.

Resources

 

Azure Classic Disk Information

Shows general information for the classic disks on the selected tenants. Contains parameters to select the tenants, subscriptions, resource groups, virtual machines, and classic disks to be included in the report.

Azure Classic Storage Account Information

Shows general information for the classic storage accounts on the selected tenants. Contains parameters to select the tenants, subscriptions, resource groups, and storage accounts to be included in the report.

Azure Classic Virtual Machine Information

Shows information for the classic virtual machines on the selected tenant. Contains parameters to select the tenants, subscriptions, resource groups, and classic virtual machines to be included in the report.

Azure Classic Virtual Machine with Networking Information

Shows classic virtual machines with networking information on the selected tenants. Contains parameters to select the tenants, subscriptions, resource groups, and classic virtual machines to be included in the report.

Azure Disk Information

Shows general information for the disks on the selected tenants. Contains parameters to select tenants, subscriptions, resource groups, and disks.

Azure IP Configuration Information

Shows IP configuration resources on the selected tenants. Contains parameters to select the tenants, subscriptions, resource groups, and IP configurations to be included in the report.

Azure Network Interface Information

Shows network interfaces on the selected tenants. Contains parameters to select the tenants, subscriptions, resource groups, and network interfaces to be included in the report.

Azure Network Security Group Information

Shows general information for the network security groups on the selected tenants. Contains parameters to select the tenants, subscriptions, resource groups, and network security groups.

Azure Resource Group Information

Shows general information for the resource groups on the selected tenants. Contains parameters to select tenants and subscriptions to be included in the report.

Azure Resource Information

Shows general information for the resources for the selected tenants. Contains parameters to select tenants, subscriptions, resource groups, and resource types to be included in the report.

Azure Resource Subscription Information

Shows general information for the resource subscriptions for the selected tenants. Contains a parameter to select tenants to be included in the report.

Azure Resource Summary

Shows a summary of the azure resources on the selected tenants. Contains a parameter to select the tenants to be included in the report.

Azure Storage Account Information

Shows general information for the storage accounts on the selected tenants. Contains parameters to select the tenants, subscriptions, resource groups, and storage accounts to be included in the report.

Azure Virtual Machine Drive Information

Shows information for the virtual machine drives on the selected tenants. Contains parameters to select the tenants, subscriptions, resource groups, and virtual machines to be included in the report.

Azure Virtual Machine Information

Shows information for virtual machines on the selected tenant. Contains parameters to select the tenants, subscriptions, and resource groups, and virtual machines to be included in the report.

Azure Virtual Machine with Networking Information

Shows virtual machines with networking information on the selected tenants. Contains parameters to select the tenants, subscriptions, resource groups, and virtual machines to be included in the report.

Azure Virtual Machines

Shows all types of virtual machines including classic and standard on the selected tenants. Contains a parameter to select the tenants to be included in the report.

Azure Virtual Network Information

Shows virtual networks on the selected tenants. Contains parameters to select the tenants, subscriptions, resource groups, and virtual networks to be included in the report. Also contains a parameter to include whether the virtual machine protection flag has changed.

Resources | Access Control

 

Azure Resource Access Control for Identity

Shows resource access control, including access derived through group membership, for the selected resources and the selected identity. Contains parameters to select the identity, tenants, subscriptions, resource groups, and resources to be included in the report.

Azure Resource Access Control with Membership

Shows permissions for the resources on the selected tenants. If you choose to include nested groups, membership of the groups is displayed. Contains parameters to select the tenants, subscriptions, resource groups, resource, and roles to be included in the report. Also contains a parameter to include nested group memberships and options for how they are displayed in the report.

Azure Resource Group Access Control for Identity

Shows resource group access control, including access derived through group membership, for the selected resource groups and the selected identity. Contains parameters to select the identity, tenants, subscriptions, and resource groups to be included in the report.

Azure Resource Group Access Control with Membership

Shows permissions for the resource groups on the selected tenants. If you choose to include nested groups, membership of the groups is displayed. Contains parameters to select the tenants, subscriptions, resource groups, and roles to be included in the report. Also contains a parameter to include nested group memberships and options for how they are displayed in the report.

Azure Resource Subscription Access Control for Identity

Shows resource subscription access control, including access derived through group membership, for the selected subscriptions and the selected identity. Contains parameters to select the identity, tenants, and subscriptions, to be included in the report.

Azure Resource Subscription Access Control with Membership

Shows permissions for the resource subscriptions on the selected tenants. If you choose to include nested groups, membership of the groups is displayed. Contains parameters to select the tenants, subscriptions, and roles to be included in the report. Also contains a parameter to include nested group memberships and options for how they are displayed in the report.

Subscriptions and Licenses

 

Azure Licensed Users for Department

Shows licensed users for the selected departments. Contains parameters to select tenants, users, and departments to be included in the report.

Azure Licensed Users with Service Plans

Shows licensed users with service plan information for the selected tenants. Contains parameters to select tenants and users to be included in the report.

Azure License Information

Shows subscription information for the selected tenants. Contains parameters to select tenants and licenses to be included in the report.

Azure Service Plan Usage

Shows service plan usage information for the selected tenants. Contains parameters to select tenants and service plans to be included in the report.

Azure Users without a License

Shows all users without a license for the selected tenants. Contains parameters to select tenants and users to be included in the report.

Change History Reports

 

Active Directory Change History

Shows the changes made over time to the selected domains. Contains parameters to select the domains, changes, and date range to be included in the report.

Computer Change History

Shows the changes made over time to the selected computers. Contains parameters to select the domains, computers, changes, and date range to be included in the report.

Database Change History

Shows the changes made over time to the selected databases. Contains parameters to select the SQL Servers, instances, databases, changes, and date range to be included in the report.

Domain Group Membership Change History

Shows the changes made over time to domain group memberships. Contains parameters to select the domains, organizational units, groups, and date range to be included in the report.

Group Membership Change History

Shows the changes over time to group memberships. Contains parameters to select the group and date range to be included in the report. You must have group membership collection enabled in your discovery in order to have data for this report.

NTFS Change History

Shows the changes made over time to the selected NTFS objects (files, folders, and shares). Contains parameters to select the domains, computers, and date range to be included in the report.

Registry Change History

Shows the changes made over time to registry keys and values. Contains parameters to select the computers, changes, and date range to be included in the report.

SQL Server Change History

Shows the changes made over time to the selected SQL servers. Contains parameters to select the SQL Servers, instances, changes, and date range to be included in the report.

自助服务工具
知识库
通知和警报
产品支持
下载软件
技术说明文件
用户论坛
视频教程
RSS订阅源
联系我们
获得许可 帮助
技术支持
查看全部
相关文档

The document was helpful.

选择评级

I easily found the information I needed.

选择评级