-
Notifications
You must be signed in to change notification settings - Fork 0
Groups
Clicking on a group node will populate the Node Info tab with information about that group:
-Direct Members: These are the users and groups that are explicitly added to this group. This is the information you would see when typing net group groupname /domain
-Unrolled Members: These are all of the effective group memberships for the group. This is the equivalent of running Get-NetGroup -GroupName groupame -Recurse
-Direct Admin To: These are the computers where the group itself is added explicitly as a local administrator on a system.
-Derivative Admin To: These are the computers the effective members of the group can gain administrator rights to by impersonating a user currently using a computer the user has administrator privileges to, regardless of how deep this chaining goes.
-Sessions: These are all the computers the ingestor identified the effective users of the group as logged onto during collection.