To view a Privileged object's details:
From the Dashboard Uncertified Privileged Objects tile or from the Privileged Objects list, click the object's Display Name.
The following Object Properties are identified for the selected Privileged object:
-
Certification Status
-
Added By (Security Guardian, BloodHound Enterprise or User)
-
Display Name
-
Object ID
-
Object Type
-
Principal Name, Tenant, and Tenant ID (for Tenant objects)
-
Service Principal type (for Service Principal objects)
-
NOTE: This field may be populated only if On Premises Sych is enabled.
-
Role Template ID (for Role objects)
-
User Type (for User objects)
-
Security Identified (for Group objects)
-
Principal Name
-
On Premises Name (for User and Group objects, if On Premises Synch is enabled)
-
On Premises SID for User and Group objects, if On Premises Synch is enabled)
-
On Premises Domain (for User and Group objects, if On Premises Synch is enabled)
-
Date Added
NOTE: This field displays the signed-in user's local date and time.
-
Information Last Updated
Below the object properties are one or more object-specific sections:
For Tenants: Objects with control of <tenant_name>
For Roles: Active Assignments
For Service Principals and Users:
-
Objects <object_name> can control
-
Objects with control of <object_ name>
-
Roles
For groups:
-
Member of
-
Object with control of <group name>
-
Roles
Why Privileged?
This section provides the reason why the object is considered Privileged. If the object was added by the provider (Security Guardian or Bloodhound Enterprise), the reason is returned by the provider. If the object was manually added by a user, the reason is "Manually added as Tier Zero" or "manually added as Privileged" by <user_principal_that_added_object>".