{"resources":{"activedirectory":{"id":"activedirectory","name":"activedirectory","fields":{"certificateAuthorities":{"name":"certificateAuthorities","type":"\u0019\u001bactivedirectory.certificateAuthority","title":"Certificate authorities","provider":"go.mondoo.com/mql/v13/providers/activedirectory"},"certificateAuthority":{"name":"certificateAuthority","type":"\u001bactivedirectory.certificateAuthority","title":"Active Directory Certificate Authority (Enrollment Service)","provider":"go.mondoo.com/mql/v13/providers/activedirectory","is_implicit_resource":true},"certificateTemplate":{"name":"certificateTemplate","type":"\u001bactivedirectory.certificateTemplate","title":"Active Directory Certificate Services template","provider":"go.mondoo.com/mql/v13/providers/activedirectory","is_implicit_resource":true},"certificateTemplates":{"name":"certificateTemplates","type":"\u0019\u001bactivedirectory.certificateTemplate","title":"Certificate templates (ADCS)","provider":"go.mondoo.com/mql/v13/providers/activedirectory"},"computer":{"name":"computer","type":"\u001bactivedirectory.computer","title":"Active Directory computer account","provider":"go.mondoo.com/mql/v13/providers/activedirectory","is_implicit_resource":true},"computers":{"name":"computers","type":"\u0019\u001bactivedirectory.computer","title":"All computer accounts","provider":"go.mondoo.com/mql/v13/providers/activedirectory"},"dangerousPermission":{"name":"dangerousPermission","type":"\u001bactivedirectory.dangerousPermission","title":"Dangerous ACL delegation found on a critical AD object.","desc":"These represent attack paths where a low-privilege principal holds powerful rights (GenericAll, WriteDACL, WriteOwner, DCSync, etc.) on sensitive objects like the domain head, AdminSDHolder, or privileged group/DC computer accounts.","provider":"go.mondoo.com/mql/v13/providers/activedirectory","is_implicit_resource":true},"dangerousPermissions":{"name":"dangerousPermissions","type":"\u0019\u001bactivedirectory.dangerousPermission","title":"Dangerous ACL delegations on critical AD objects","provider":"go.mondoo.com/mql/v13/providers/activedirectory"},"distinguishedName":{"name":"distinguishedName","type":"\u0007","is_mandatory":true,"title":"Domain distinguished name (e.g., DC=corp,DC=example,DC=com)","provider":"go.mondoo.com/mql/v13/providers/activedirectory"},"dnsZone":{"name":"dnsZone","type":"\u001bactivedirectory.dnsZone","title":"Active Directory-integrated DNS zone","provider":"go.mondoo.com/mql/v13/providers/activedirectory","is_implicit_resource":true},"dnsZones":{"name":"dnsZones","type":"\u0019\u001bactivedirectory.dnsZone","title":"DNS zones","provider":"go.mondoo.com/mql/v13/providers/activedirectory"},"domain":{"name":"domain","type":"\u0007","is_mandatory":true,"title":"Domain DNS name (e.g., corp.example.com)","provider":"go.mondoo.com/mql/v13/providers/activedirectory"},"domainController":{"name":"domainController","type":"\u001bactivedirectory.domainController","title":"Active Directory Domain Controller","provider":"go.mondoo.com/mql/v13/providers/activedirectory","is_implicit_resource":true},"domainControllers":{"name":"domainControllers","type":"\u0019\u001bactivedirectory.domainController","title":"Domain controllers","provider":"go.mondoo.com/mql/v13/providers/activedirectory"},"domainPasswordPolicy":{"name":"domainPasswordPolicy","type":"\u001bactivedirectory.domainPasswordPolicy","title":"Active Directory default domain password policy","provider":"go.mondoo.com/mql/v13/providers/activedirectory","is_implicit_resource":true},"domainSid":{"name":"domainSid","type":"\u0007","is_mandatory":true,"title":"Domain SID","provider":"go.mondoo.com/mql/v13/providers/activedirectory"},"fineGrainedPasswordPolicies":{"name":"fineGrainedPasswordPolicies","type":"\u0019\u001bactivedirectory.fineGrainedPasswordPolicy","title":"Fine-Grained Password Policies","provider":"go.mondoo.com/mql/v13/providers/activedirectory"},"fineGrainedPasswordPolicy":{"name":"fineGrainedPasswordPolicy","type":"\u001bactivedirectory.fineGrainedPasswordPolicy","title":"Active Directory Fine-Grained Password Policy","provider":"go.mondoo.com/mql/v13/providers/activedirectory","is_implicit_resource":true},"forestFunctionalLevel":{"name":"forestFunctionalLevel","type":"\u0007","is_mandatory":true,"title":"Forest functional level","provider":"go.mondoo.com/mql/v13/providers/activedirectory"},"forestName":{"name":"forestName","type":"\u0007","is_mandatory":true,"title":"Forest DNS name","provider":"go.mondoo.com/mql/v13/providers/activedirectory"},"functionalLevel":{"name":"functionalLevel","type":"\u0007","is_mandatory":true,"title":"Domain functional level (e.g., \"2016\")","provider":"go.mondoo.com/mql/v13/providers/activedirectory"},"gpo":{"name":"gpo","type":"\u001bactivedirectory.gpo","title":"Active Directory Group Policy Object","provider":"go.mondoo.com/mql/v13/providers/activedirectory","is_implicit_resource":true},"gpoLink":{"name":"gpoLink","type":"\u001bactivedirectory.gpoLink","title":"Active Directory GPO link","provider":"go.mondoo.com/mql/v13/providers/activedirectory","is_implicit_resource":true},"gpos":{"name":"gpos","type":"\u0019\u001bactivedirectory.gpo","title":"Group Policy Objects","provider":"go.mondoo.com/mql/v13/providers/activedirectory"},"group":{"name":"group","type":"\u001bactivedirectory.group","title":"Active Directory group","provider":"go.mondoo.com/mql/v13/providers/activedirectory","is_implicit_resource":true},"groupMember":{"name":"groupMember","type":"\u001bactivedirectory.groupMember","title":"Active Directory group member (can be user, group, or computer)","provider":"go.mondoo.com/mql/v13/providers/activedirectory","is_implicit_resource":true},"groups":{"name":"groups","type":"\u0019\u001bactivedirectory.group","title":"All groups","provider":"go.mondoo.com/mql/v13/providers/activedirectory"},"lapsEnabled":{"name":"lapsEnabled","type":"\u0004","title":"Whether LAPS schema extension is present","provider":"go.mondoo.com/mql/v13/providers/activedirectory"},"ldapChannelBindingRequired":{"name":"ldapChannelBindingRequired","type":"\u0004","title":"Whether LDAP channel binding is required (LdapEnforceChannelBinding == 2 via remote registry)","min_provider_version":"13.0.2","provider":"go.mondoo.com/mql/v13/providers/activedirectory"},"ldapSigningRequired":{"name":"ldapSigningRequired","type":"\u0004","title":"Whether the DC requires LDAP signing (detected via unsigned simple bind probe with invalid credentials)","provider":"go.mondoo.com/mql/v13/providers/activedirectory"},"machineAccountQuota":{"name":"machineAccountQuota","type":"\u0005","title":"Number of machine accounts any user can create (ms-DS-MachineAccountQuota; should be 0)","provider":"go.mondoo.com/mql/v13/providers/activedirectory"},"netbiosName":{"name":"netbiosName","type":"\u0007","title":"Domain NetBIOS name (requires additional LDAP query against CN=Partitions)","provider":"go.mondoo.com/mql/v13/providers/activedirectory"},"organizationalUnits":{"name":"organizationalUnits","type":"\u0019\u001bactivedirectory.ou","title":"Organizational Units","provider":"go.mondoo.com/mql/v13/providers/activedirectory"},"ou":{"name":"ou","type":"\u001bactivedirectory.ou","title":"Active Directory Organizational Unit","provider":"go.mondoo.com/mql/v13/providers/activedirectory","is_implicit_resource":true},"passwordPolicy":{"name":"passwordPolicy","type":"\u001bactivedirectory.domainPasswordPolicy","title":"Password policy (default domain policy)","provider":"go.mondoo.com/mql/v13/providers/activedirectory"},"pkiObject":{"name":"pkiObject","type":"\u001bactivedirectory.pkiObject","title":"Active Directory PKI object under CN=Public Key Services for ESC5 analysis","provider":"go.mondoo.com/mql/v13/providers/activedirectory","is_implicit_resource":true},"pkiObjects":{"name":"pkiObjects","type":"\u0019\u001bactivedirectory.pkiObject","title":"PKI objects for ESC5 analysis","provider":"go.mondoo.com/mql/v13/providers/activedirectory"},"recycleBinEnabled":{"name":"recycleBinEnabled","type":"\u0004","title":"Whether the AD Recycle Bin optional feature is enabled","provider":"go.mondoo.com/mql/v13/providers/activedirectory"},"schemaVersion":{"name":"schemaVersion","type":"\u0005","title":"Schema version","provider":"go.mondoo.com/mql/v13/providers/activedirectory"},"smbEncryptionSupported":{"name":"smbEncryptionSupported","type":"\u0004","title":"Whether the DC advertises SMB3 encryption capability","min_provider_version":"13.0.2","provider":"go.mondoo.com/mql/v13/providers/activedirectory"},"smbGuestAccessAllowed":{"name":"smbGuestAccessAllowed","type":"\u0004","title":"Whether the DC falls back to guest session on invalid credentials","min_provider_version":"13.0.2","provider":"go.mondoo.com/mql/v13/providers/activedirectory"},"smbHighestDialect":{"name":"smbHighestDialect","type":"\u0007","title":"Highest SMB dialect negotiated by the DC (e.g., \"3.1.1\", \"3.0\", \"2.1\")","min_provider_version":"13.0.2","provider":"go.mondoo.com/mql/v13/providers/activedirectory"},"smbNullSessionAllowed":{"name":"smbNullSessionAllowed","type":"\u0004","title":"Whether the DC accepts SMB null sessions (unauthenticated access)","min_provider_version":"13.0.2","provider":"go.mondoo.com/mql/v13/providers/activedirectory"},"smbSigningRequired":{"name":"smbSigningRequired","type":"\u0004","title":"Whether the DC requires SMB signing (detected via pre-auth negotiate probe on port 445)","min_provider_version":"13.0.2","provider":"go.mondoo.com/mql/v13/providers/activedirectory"},"smbv1Enabled":{"name":"smbv1Enabled","type":"\u0004","title":"Whether the DC still accepts SMBv1 connections (detected via explicit SMB1 negotiate probe)","min_provider_version":"13.0.2","provider":"go.mondoo.com/mql/v13/providers/activedirectory"},"trust":{"name":"trust","type":"\u001bactivedirectory.trust","title":"Active Directory domain trust","provider":"go.mondoo.com/mql/v13/providers/activedirectory","is_implicit_resource":true},"trusts":{"name":"trusts","type":"\u0019\u001bactivedirectory.trust","title":"Domain trusts","provider":"go.mondoo.com/mql/v13/providers/activedirectory"},"user":{"name":"user","type":"\u001bactivedirectory.user","title":"Active Directory user account","provider":"go.mondoo.com/mql/v13/providers/activedirectory","is_implicit_resource":true},"users":{"name":"users","type":"\u0019\u001bactivedirectory.user","title":"All user accounts","provider":"go.mondoo.com/mql/v13/providers/activedirectory"}},"title":"Active Directory Domain Services","min_provider_version":"13.0.1","defaults":"domain functionalLevel","provider":"go.mondoo.com/mql/v13/providers/activedirectory"},"activedirectory.certificateAuthority":{"id":"activedirectory.certificateAuthority","name":"activedirectory.certificateAuthority","fields":{"caType":{"name":"caType","type":"\u0007","is_mandatory":true,"title":"CA type (Enterprise Root, Enterprise Subordinate, etc.)","provider":"go.mondoo.com/mql/v13/providers/activedirectory"},"certificateExpiration":{"name":"certificateExpiration","type":"\t","is_mandatory":true,"title":"CA certificate expiration","provider":"go.mondoo.com/mql/v13/providers/activedirectory"},"certificateTemplates":{"name":"certificateTemplates","type":"\u0019\u0007","is_mandatory":true,"title":"Certificate template CN names published on this CA","provider":"go.mondoo.com/mql/v13/providers/activedirectory"},"dangerousCAPermissions":{"name":"dangerousCAPermissions","type":"\u0019\u0007","is_mandatory":true,"title":"Principals with ManageCA or ManageCertificates rights","provider":"go.mondoo.com/mql/v13/providers/activedirectory"},"distinguishedName":{"name":"distinguishedName","type":"\u0007","is_mandatory":true,"title":"Distinguished name","provider":"go.mondoo.com/mql/v13/providers/activedirectory"},"dnsHostname":{"name":"dnsHostname","type":"\u0007","is_mandatory":true,"title":"DNS hostname of the CA server","provider":"go.mondoo.com/mql/v13/providers/activedirectory"},"enrollmentAgentRestrictionsConfigured":{"name":"enrollmentAgentRestrictionsConfigured","type":"\u0004","is_mandatory":true,"title":"Whether enrollment agent restrictions are configured on this CA","provider":"go.mondoo.com/mql/v13/providers/activedirectory"},"hasHttpEnrollment":{"name":"hasHttpEnrollment","type":"\u0004","is_mandatory":true,"title":"Whether the CA has HTTP (non-TLS) enrollment endpoints (ESC8)","provider":"go.mondoo.com/mql/v13/providers/activedirectory"},"httpEnrollmentEndpoints":{"name":"httpEnrollmentEndpoints","type":"\u0019\u0007","is_mandatory":true,"title":"HTTP(S) enrollment endpoint URLs registered for this CA","provider":"go.mondoo.com/mql/v13/providers/activedirectory"},"isVulnerableESC7":{"name":"isVulnerableESC7","type":"\u0004","is_mandatory":true,"title":"Whether any low-privilege principal has ManageCA rights (ESC7)","provider":"go.mondoo.com/mql/v13/providers/activedirectory"},"name":{"name":"name","type":"\u0007","is_mandatory":true,"title":"CA name","provider":"go.mondoo.com/mql/v13/providers/activedirectory"}},"title":"Active Directory Certificate Authority (Enrollment Service)","min_provider_version":"13.0.1","defaults":"name","provider":"go.mondoo.com/mql/v13/providers/activedirectory"},"activedirectory.certificateTemplate":{"id":"activedirectory.certificateTemplate","name":"activedirectory.certificateTemplate","fields":{"authorizedSignaturesRequired":{"name":"authorizedSignaturesRequired","type":"\u0005","is_mandatory":true,"title":"Number of authorized signatures required","provider":"go.mondoo.com/mql/v13/providers/activedirectory"},"certificateNameFlags":{"name":"certificateNameFlags","type":"\u0005","is_mandatory":true,"title":"Certificate name flags raw value","provider":"go.mondoo.com/mql/v13/providers/activedirectory"},"displayName":{"name":"displayName","type":"\u0007","is_mandatory":true,"title":"Template display name","provider":"go.mondoo.com/mql/v13/providers/activedirectory"},"distinguishedName":{"name":"distinguishedName","type":"\u0007","is_mandatory":true,"title":"Distinguished name in CN=Certificate Templates","provider":"go.mondoo.com/mql/v13/providers/activedirectory"},"enrolleeSuppliesSubject":{"name":"enrolleeSuppliesSubject","type":"\u0004","is_mandatory":true,"title":"Whether enrollee can supply the Subject Alternative Name (ESC1 indicator)","provider":"go.mondoo.com/mql/v13/providers/activedirectory"},"enrollmentFlags":{"name":"enrollmentFlags","type":"\u0005","is_mandatory":true,"title":"Enrollment flags raw value","provider":"go.mondoo.com/mql/v13/providers/activedirectory"},"enrollmentPermissions":{"name":"enrollmentPermissions","type":"\u0019\u0007","is_mandatory":true,"title":"Principals that can enroll","provider":"go.mondoo.com/mql/v13/providers/activedirectory"},"extendedKeyUsages":{"name":"extendedKeyUsages","type":"\u0019\u0007","is_mandatory":true,"title":"Extended Key Usages (OIDs)","provider":"go.mondoo.com/mql/v13/providers/activedirectory"},"hasAnyPurposeEku":{"name":"hasAnyPurposeEku","type":"\u0004","is_mandatory":true,"title":"Whether template has \"Any Purpose\" EKU (2.5.29.37.0)","provider":"go.mondoo.com/mql/v13/providers/activedirectory"},"hasAuthenticationEku":{"name":"hasAuthenticationEku","type":"\u0004","is_mandatory":true,"title":"Whether template has authentication EKU","provider":"go.mondoo.com/mql/v13/providers/activedirectory"},"hasNoEku":{"name":"hasNoEku","type":"\u0004","is_mandatory":true,"title":"Whether template has no EKU (subordinate CA risk - ESC2)","provider":"go.mondoo.com/mql/v13/providers/activedirectory"},"isPublished":{"name":"isPublished","type":"\u0004","is_mandatory":true,"title":"Whether the template is published on at least one Enterprise CA","provider":"go.mondoo.com/mql/v13/providers/activedirectory"},"isVulnerableESC1":{"name":"isVulnerableESC1","type":"\u0004","is_mandatory":true,"title":"Whether the template is vulnerable to ESC1","provider":"go.mondoo.com/mql/v13/providers/activedirectory"},"isVulnerableESC13":{"name":"isVulnerableESC13","type":"\u0004","is_mandatory":true,"title":"Whether the template is vulnerable to ESC13 (issuance policy OID linked to privileged group)","provider":"go.mondoo.com/mql/v13/providers/activedirectory"},"isVulnerableESC2":{"name":"isVulnerableESC2","type":"\u0004","is_mandatory":true,"title":"Whether the template is vulnerable to ESC2","provider":"go.mondoo.com/mql/v13/providers/activedirectory"},"isVulnerableESC3":{"name":"isVulnerableESC3","type":"\u0004","is_mandatory":true,"title":"Whether the template is vulnerable to ESC3 (Certificate Request Agent EKU abuse)","provider":"go.mondoo.com/mql/v13/providers/activedirectory"},"isVulnerableESC4":{"name":"isVulnerableESC4","type":"\u0004","is_mandatory":true,"title":"Whether the template is vulnerable to ESC4 (overly permissive template ACL)","provider":"go.mondoo.com/mql/v13/providers/activedirectory"},"isVulnerableESC9":{"name":"isVulnerableESC9","type":"\u0004","is_mandatory":true,"title":"Whether the template is vulnerable to ESC9 (no security extension with auth EKU)","provider":"go.mondoo.com/mql/v13/providers/activedirectory"},"issuancePolicies":{"name":"issuancePolicies","type":"\u0019\u0007","is_mandatory":true,"title":"Issuance policy OIDs (msPKI-Certificate-Policy) referenced by this template","provider":"go.mondoo.com/mql/v13/providers/activedirectory"},"lowPrivilegedEnrollment":{"name":"lowPrivilegedEnrollment","type":"\u0004","is_mandatory":true,"title":"Whether low-privileged users can enroll","provider":"go.mondoo.com/mql/v13/providers/activedirectory"},"managerApprovalRequired":{"name":"managerApprovalRequired","type":"\u0004","is_mandatory":true,"title":"Whether manager approval is required","provider":"go.mondoo.com/mql/v13/providers/activedirectory"},"name":{"name":"name","type":"\u0007","is_mandatory":true,"title":"Template common name","provider":"go.mondoo.com/mql/v13/providers/activedirectory"},"noSecurityExtension":{"name":"noSecurityExtension","type":"\u0004","is_mandatory":true,"title":"Whether CT_FLAG_NO_SECURITY_EXTENSION is set in enrollment flags","provider":"go.mondoo.com/mql/v13/providers/activedirectory"},"oid":{"name":"oid","type":"\u0007","is_mandatory":true,"title":"Template OID","provider":"go.mondoo.com/mql/v13/providers/activedirectory"},"renewalPeriod":{"name":"renewalPeriod","type":"\u0007","is_mandatory":true,"title":"Renewal period","provider":"go.mondoo.com/mql/v13/providers/activedirectory"},"schemaVersion":{"name":"schemaVersion","type":"\u0005","is_mandatory":true,"title":"Schema version (1, 2, 3, or 4)","provider":"go.mondoo.com/mql/v13/providers/activedirectory"},"validityPeriod":{"name":"validityPeriod","type":"\u0007","is_mandatory":true,"title":"Validity period","provider":"go.mondoo.com/mql/v13/providers/activedirectory"},"whenChanged":{"name":"whenChanged","type":"\t","is_mandatory":true,"title":"Last modified timestamp","provider":"go.mondoo.com/mql/v13/providers/activedirectory"},"whenCreated":{"name":"whenCreated","type":"\t","is_mandatory":true,"title":"Creation timestamp","provider":"go.mondoo.com/mql/v13/providers/activedirectory"}},"title":"Active Directory Certificate Services template","min_provider_version":"13.0.1","defaults":"name","provider":"go.mondoo.com/mql/v13/providers/activedirectory"},"activedirectory.computer":{"id":"activedirectory.computer","name":"activedirectory.computer","fields":{"constrainedDelegation":{"name":"constrainedDelegation","type":"\u0004","is_mandatory":true,"title":"Whether constrained delegation is configured","provider":"go.mondoo.com/mql/v13/providers/activedirectory"},"constrainedDelegationTargets":{"name":"constrainedDelegationTargets","type":"\u0019\u0007","is_mandatory":true,"title":"Constrained delegation targets","provider":"go.mondoo.com/mql/v13/providers/activedirectory"},"daysSinceLastLogon":{"name":"daysSinceLastLogon","type":"\u0005","is_mandatory":true,"title":"Days since last logon","provider":"go.mondoo.com/mql/v13/providers/activedirectory"},"description":{"name":"description","type":"\u0007","is_mandatory":true,"title":"Description","provider":"go.mondoo.com/mql/v13/providers/activedirectory"},"distinguishedName":{"name":"distinguishedName","type":"\u0007","is_mandatory":true,"title":"Distinguished name","provider":"go.mondoo.com/mql/v13/providers/activedirectory"},"enabled":{"name":"enabled","type":"\u0004","is_mandatory":true,"title":"Whether the account is enabled","provider":"go.mondoo.com/mql/v13/providers/activedirectory"},"isDomainController":{"name":"isDomainController","type":"\u0004","is_mandatory":true,"title":"Whether the computer is a domain controller","provider":"go.mondoo.com/mql/v13/providers/activedirectory"},"isStale":{"name":"isStale","type":"\u0004","is_mandatory":true,"title":"Whether the account is stale (\u003e90 days)","provider":"go.mondoo.com/mql/v13/providers/activedirectory"},"lapsEnabled":{"name":"lapsEnabled","type":"\u0004","is_mandatory":true,"title":"Whether LAPS is deployed on this computer","provider":"go.mondoo.com/mql/v13/providers/activedirectory"},"lapsExpirationTime":{"name":"lapsExpirationTime","type":"\t","is_mandatory":true,"title":"LAPS password expiration time","provider":"go.mondoo.com/mql/v13/providers/activedirectory"},"lastLogonTimestamp":{"name":"lastLogonTimestamp","type":"\t","is_mandatory":true,"title":"Last logon timestamp (from lastLogonTimestamp)","provider":"go.mondoo.com/mql/v13/providers/activedirectory"},"name":{"name":"name","type":"\u0007","is_mandatory":true,"title":"DNS hostname","provider":"go.mondoo.com/mql/v13/providers/activedirectory"},"operatingSystem":{"name":"operatingSystem","type":"\u0007","is_mandatory":true,"title":"Operating system name","provider":"go.mondoo.com/mql/v13/providers/activedirectory"},"operatingSystemServicePack":{"name":"operatingSystemServicePack","type":"\u0007","is_mandatory":true,"title":"Operating system service pack","provider":"go.mondoo.com/mql/v13/providers/activedirectory"},"operatingSystemVersion":{"name":"operatingSystemVersion","type":"\u0007","is_mandatory":true,"title":"Operating system version","provider":"go.mondoo.com/mql/v13/providers/activedirectory"},"ouPath":{"name":"ouPath","type":"\u0007","is_mandatory":true,"title":"Organizational Unit path","provider":"go.mondoo.com/mql/v13/providers/activedirectory"},"passwordAgeDays":{"name":"passwordAgeDays","type":"\u0005","is_mandatory":true,"title":"Password age in days","provider":"go.mondoo.com/mql/v13/providers/activedirectory"},"protocolTransition":{"name":"protocolTransition","type":"\u0004","is_mandatory":true,"title":"Whether protocol transition (S4U2Self) is enabled via TRUSTED_TO_AUTH_FOR_DELEGATION","provider":"go.mondoo.com/mql/v13/providers/activedirectory"},"pwdLastSet":{"name":"pwdLastSet","type":"\t","is_mandatory":true,"title":"Last password set timestamp","provider":"go.mondoo.com/mql/v13/providers/activedirectory"},"rbcd":{"name":"rbcd","type":"\u0004","is_mandatory":true,"title":"Resource-based constrained delegation configured","provider":"go.mondoo.com/mql/v13/providers/activedirectory"},"sAMAccountName":{"name":"sAMAccountName","type":"\u0007","is_mandatory":true,"title":"sAMAccountName (includes trailing $)","provider":"go.mondoo.com/mql/v13/providers/activedirectory"},"servicePrincipalNames":{"name":"servicePrincipalNames","type":"\u0019\u0007","is_mandatory":true,"title":"Service Principal Names","provider":"go.mondoo.com/mql/v13/providers/activedirectory"},"sid":{"name":"sid","type":"\u0007","is_mandatory":true,"title":"Object SID","provider":"go.mondoo.com/mql/v13/providers/activedirectory"},"unconstrainedDelegation":{"name":"unconstrainedDelegation","type":"\u0004","is_mandatory":true,"title":"Whether unconstrained delegation is enabled","provider":"go.mondoo.com/mql/v13/providers/activedirectory"},"userAccountControl":{"name":"userAccountControl","type":"\u0005","is_mandatory":true,"title":"userAccountControl flags","provider":"go.mondoo.com/mql/v13/providers/activedirectory"},"whenCreated":{"name":"whenCreated","type":"\t","is_mandatory":true,"title":"Creation timestamp","provider":"go.mondoo.com/mql/v13/providers/activedirectory"}},"title":"Active Directory computer account","min_provider_version":"13.0.1","defaults":"name operatingSystem enabled","provider":"go.mondoo.com/mql/v13/providers/activedirectory"},"activedirectory.dangerousPermission":{"id":"activedirectory.dangerousPermission","name":"activedirectory.dangerousPermission","fields":{"accessMask":{"name":"accessMask","type":"\u0005","is_mandatory":true,"title":"Raw access mask value","provider":"go.mondoo.com/mql/v13/providers/activedirectory"},"principalSID":{"name":"principalSID","type":"\u0007","is_mandatory":true,"title":"SID of the principal granted dangerous access","provider":"go.mondoo.com/mql/v13/providers/activedirectory"},"rightType":{"name":"rightType","type":"\u0007","is_mandatory":true,"title":"Type of dangerous right (GenericAll, WriteDACL, WriteOwner, GenericWrite, DCSync, ForceChangePassword)","provider":"go.mondoo.com/mql/v13/providers/activedirectory"},"targetDN":{"name":"targetDN","type":"\u0007","is_mandatory":true,"title":"DN of the AD object with the dangerous ACL","provider":"go.mondoo.com/mql/v13/providers/activedirectory"},"targetName":{"name":"targetName","type":"\u0007","is_mandatory":true,"title":"Friendly name of the target object","provider":"go.mondoo.com/mql/v13/providers/activedirectory"},"targetType":{"name":"targetType","type":"\u0007","is_mandatory":true,"title":"Category of the target (domain, adminSDHolder, group, computer, user, ou)","provider":"go.mondoo.com/mql/v13/providers/activedirectory"}},"title":"Dangerous ACL delegation found on a critical AD object.","desc":"These represent attack paths where a low-privilege principal holds powerful rights (GenericAll, WriteDACL, WriteOwner, DCSync, etc.) on sensitive objects like the domain head, AdminSDHolder, or privileged group/DC computer accounts.","min_provider_version":"13.0.1","defaults":"targetName rightType principalSID","provider":"go.mondoo.com/mql/v13/providers/activedirectory"},"activedirectory.dnsZone":{"id":"activedirectory.dnsZone","name":"activedirectory.dnsZone","fields":{"distinguishedName":{"name":"distinguishedName","type":"\u0007","is_mandatory":true,"title":"Distinguished name","provider":"go.mondoo.com/mql/v13/providers/activedirectory"},"dynamicUpdate":{"name":"dynamicUpdate","type":"\u0004","is_mandatory":true,"title":"Whether dynamic updates are enabled","provider":"go.mondoo.com/mql/v13/providers/activedirectory"},"name":{"name":"name","type":"\u0007","is_mandatory":true,"title":"Zone name","provider":"go.mondoo.com/mql/v13/providers/activedirectory"},"secureOnly":{"name":"secureOnly","type":"\u0004","is_mandatory":true,"title":"Whether secure-only dynamic updates","provider":"go.mondoo.com/mql/v13/providers/activedirectory"},"zoneType":{"name":"zoneType","type":"\u0007","is_mandatory":true,"title":"Zone type","provider":"go.mondoo.com/mql/v13/providers/activedirectory"}},"title":"Active Directory-integrated DNS zone","min_provider_version":"13.0.1","defaults":"name","provider":"go.mondoo.com/mql/v13/providers/activedirectory"},"activedirectory.domainController":{"id":"activedirectory.domainController","name":"activedirectory.domainController","fields":{"distinguishedName":{"name":"distinguishedName","type":"\u0007","is_mandatory":true,"title":"Distinguished name","provider":"go.mondoo.com/mql/v13/providers/activedirectory"},"isGlobalCatalog":{"name":"isGlobalCatalog","type":"\u0004","is_mandatory":true,"title":"Is Global Catalog","provider":"go.mondoo.com/mql/v13/providers/activedirectory"},"isRODC":{"name":"isRODC","type":"\u0004","is_mandatory":true,"title":"Is Read-Only Domain Controller","provider":"go.mondoo.com/mql/v13/providers/activedirectory"},"lastLogonTimestamp":{"name":"lastLogonTimestamp","type":"\t","is_mandatory":true,"title":"Last logon timestamp","provider":"go.mondoo.com/mql/v13/providers/activedirectory"},"name":{"name":"name","type":"\u0007","is_mandatory":true,"title":"DNS hostname","provider":"go.mondoo.com/mql/v13/providers/activedirectory"},"operatingSystem":{"name":"operatingSystem","type":"\u0007","is_mandatory":true,"title":"Operating system","provider":"go.mondoo.com/mql/v13/providers/activedirectory"},"operatingSystemVersion":{"name":"operatingSystemVersion","type":"\u0007","is_mandatory":true,"title":"Operating system version","provider":"go.mondoo.com/mql/v13/providers/activedirectory"},"pwdLastSet":{"name":"pwdLastSet","type":"\t","is_mandatory":true,"title":"Last password set timestamp","provider":"go.mondoo.com/mql/v13/providers/activedirectory"},"site":{"name":"site","type":"\u0007","is_mandatory":true,"title":"Site name","provider":"go.mondoo.com/mql/v13/providers/activedirectory"}},"title":"Active Directory Domain Controller","min_provider_version":"13.0.1","defaults":"name operatingSystem","provider":"go.mondoo.com/mql/v13/providers/activedirectory"},"activedirectory.domainPasswordPolicy":{"id":"activedirectory.domainPasswordPolicy","name":"activedirectory.domainPasswordPolicy","fields":{"complexityEnabled":{"name":"complexityEnabled","type":"\u0004","is_mandatory":true,"title":"Whether password complexity is required","provider":"go.mondoo.com/mql/v13/providers/activedirectory"},"lockoutDuration":{"name":"lockoutDuration","type":"\u0005","is_mandatory":true,"title":"Account lockout duration in minutes","provider":"go.mondoo.com/mql/v13/providers/activedirectory"},"lockoutObservationWindow":{"name":"lockoutObservationWindow","type":"\u0005","is_mandatory":true,"title":"Account lockout observation window in minutes","provider":"go.mondoo.com/mql/v13/providers/activedirectory"},"lockoutThreshold":{"name":"lockoutThreshold","type":"\u0005","is_mandatory":true,"title":"Account lockout threshold","provider":"go.mondoo.com/mql/v13/providers/activedirectory"},"maxPasswordAge":{"name":"maxPasswordAge","type":"\u0005","is_mandatory":true,"title":"Maximum password age in days","provider":"go.mondoo.com/mql/v13/providers/activedirectory"},"minPasswordAge":{"name":"minPasswordAge","type":"\u0005","is_mandatory":true,"title":"Minimum password age in days","provider":"go.mondoo.com/mql/v13/providers/activedirectory"},"minPasswordLength":{"name":"minPasswordLength","type":"\u0005","is_mandatory":true,"title":"Minimum password length","provider":"go.mondoo.com/mql/v13/providers/activedirectory"},"passwordHistoryCount":{"name":"passwordHistoryCount","type":"\u0005","is_mandatory":true,"title":"Password history count","provider":"go.mondoo.com/mql/v13/providers/activedirectory"},"reversibleEncryption":{"name":"reversibleEncryption","type":"\u0004","is_mandatory":true,"title":"Whether reversible encryption is enabled","provider":"go.mondoo.com/mql/v13/providers/activedirectory"}},"title":"Active Directory default domain password policy","min_provider_version":"13.0.1","defaults":"minPasswordLength maxPasswordAge lockoutThreshold","provider":"go.mondoo.com/mql/v13/providers/activedirectory"},"activedirectory.fineGrainedPasswordPolicy":{"id":"activedirectory.fineGrainedPasswordPolicy","name":"activedirectory.fineGrainedPasswordPolicy","fields":{"appliesTo":{"name":"appliesTo","type":"\u0019\u0007","is_mandatory":true,"title":"Subjects the policy applies to","provider":"go.mondoo.com/mql/v13/providers/activedirectory"},"complexityEnabled":{"name":"complexityEnabled","type":"\u0004","is_mandatory":true,"title":"Whether password complexity is required","provider":"go.mondoo.com/mql/v13/providers/activedirectory"},"distinguishedName":{"name":"distinguishedName","type":"\u0007","is_mandatory":true,"title":"Distinguished name","provider":"go.mondoo.com/mql/v13/providers/activedirectory"},"lockoutDuration":{"name":"lockoutDuration","type":"\u0005","is_mandatory":true,"title":"Account lockout duration in minutes","provider":"go.mondoo.com/mql/v13/providers/activedirectory"},"lockoutThreshold":{"name":"lockoutThreshold","type":"\u0005","is_mandatory":true,"title":"Account lockout threshold","provider":"go.mondoo.com/mql/v13/providers/activedirectory"},"maxPasswordAge":{"name":"maxPasswordAge","type":"\u0005","is_mandatory":true,"title":"Maximum password age in days","provider":"go.mondoo.com/mql/v13/providers/activedirectory"},"minPasswordAge":{"name":"minPasswordAge","type":"\u0005","is_mandatory":true,"title":"Minimum password age in days","provider":"go.mondoo.com/mql/v13/providers/activedirectory"},"minPasswordLength":{"name":"minPasswordLength","type":"\u0005","is_mandatory":true,"title":"Minimum password length","provider":"go.mondoo.com/mql/v13/providers/activedirectory"},"name":{"name":"name","type":"\u0007","is_mandatory":true,"title":"Policy name","provider":"go.mondoo.com/mql/v13/providers/activedirectory"},"passwordHistoryCount":{"name":"passwordHistoryCount","type":"\u0005","is_mandatory":true,"title":"Password history count","provider":"go.mondoo.com/mql/v13/providers/activedirectory"},"precedence":{"name":"precedence","type":"\u0005","is_mandatory":true,"title":"Precedence value (lower = higher priority)","provider":"go.mondoo.com/mql/v13/providers/activedirectory"},"reversibleEncryption":{"name":"reversibleEncryption","type":"\u0004","is_mandatory":true,"title":"Whether reversible encryption is enabled","provider":"go.mondoo.com/mql/v13/providers/activedirectory"}},"title":"Active Directory Fine-Grained Password Policy","min_provider_version":"13.0.1","defaults":"name precedence minPasswordLength","provider":"go.mondoo.com/mql/v13/providers/activedirectory"},"activedirectory.gpo":{"id":"activedirectory.gpo","name":"activedirectory.gpo","fields":{"displayName":{"name":"displayName","type":"\u0007","is_mandatory":true,"title":"Display name","provider":"go.mondoo.com/mql/v13/providers/activedirectory"},"distinguishedName":{"name":"distinguishedName","type":"\u0007","is_mandatory":true,"title":"Distinguished name","provider":"go.mondoo.com/mql/v13/providers/activedirectory"},"gpcFileSysPath":{"name":"gpcFileSysPath","type":"\u0007","is_mandatory":true,"title":"Path in SYSVOL","provider":"go.mondoo.com/mql/v13/providers/activedirectory"},"gpoStatus":{"name":"gpoStatus","type":"\u0007","is_mandatory":true,"title":"GPO status (enabled, disabled, user disabled, computer disabled)","provider":"go.mondoo.com/mql/v13/providers/activedirectory"},"id":{"name":"id","type":"\u0007","is_mandatory":true,"title":"GPO GUID","provider":"go.mondoo.com/mql/v13/providers/activedirectory"},"isLinked":{"name":"isLinked","type":"\u0004","is_mandatory":true,"title":"Whether the GPO is linked anywhere","provider":"go.mondoo.com/mql/v13/providers/activedirectory"},"links":{"name":"links","type":"\u0019\u001bactivedirectory.gpoLink","title":"Link metadata for each OU/domain/site this GPO is attached to","provider":"go.mondoo.com/mql/v13/providers/activedirectory"},"version":{"name":"version","type":"\u0005","is_mandatory":true,"title":"Version number","provider":"go.mondoo.com/mql/v13/providers/activedirectory"},"whenChanged":{"name":"whenChanged","type":"\t","is_mandatory":true,"title":"Last modified timestamp","provider":"go.mondoo.com/mql/v13/providers/activedirectory"},"whenCreated":{"name":"whenCreated","type":"\t","is_mandatory":true,"title":"Creation timestamp","provider":"go.mondoo.com/mql/v13/providers/activedirectory"}},"title":"Active Directory Group Policy Object","min_provider_version":"13.0.1","defaults":"displayName","provider":"go.mondoo.com/mql/v13/providers/activedirectory"},"activedirectory.gpoLink":{"id":"activedirectory.gpoLink","name":"activedirectory.gpoLink","fields":{"enabled":{"name":"enabled","type":"\u0004","is_mandatory":true,"title":"Whether the link is enabled","provider":"go.mondoo.com/mql/v13/providers/activedirectory"},"enforced":{"name":"enforced","type":"\u0004","is_mandatory":true,"title":"Whether the link is enforced","provider":"go.mondoo.com/mql/v13/providers/activedirectory"},"order":{"name":"order","type":"\u0005","is_mandatory":true,"title":"Link order; 1 is highest precedence (applied last)","provider":"go.mondoo.com/mql/v13/providers/activedirectory"},"target":{"name":"target","type":"\u0007","is_mandatory":true,"title":"Target DN or site this link applies to","provider":"go.mondoo.com/mql/v13/providers/activedirectory"}},"title":"Active Directory GPO link","min_provider_version":"13.0.1","defaults":"target","provider":"go.mondoo.com/mql/v13/providers/activedirectory"},"activedirectory.group":{"id":"activedirectory.group","name":"activedirectory.group","fields":{"adminCount":{"name":"adminCount","type":"\u0004","is_mandatory":true,"title":"Admin count flag","provider":"go.mondoo.com/mql/v13/providers/activedirectory"},"description":{"name":"description","type":"\u0007","is_mandatory":true,"title":"Description","provider":"go.mondoo.com/mql/v13/providers/activedirectory"},"displayName":{"name":"displayName","type":"\u0007","is_mandatory":true,"title":"Display name","provider":"go.mondoo.com/mql/v13/providers/activedirectory"},"distinguishedName":{"name":"distinguishedName","type":"\u0007","is_mandatory":true,"title":"Distinguished name","provider":"go.mondoo.com/mql/v13/providers/activedirectory"},"groupType":{"name":"groupType","type":"\u0007","is_mandatory":true,"title":"Group type description (Security/Distribution, Global/Universal/DomainLocal)","provider":"go.mondoo.com/mql/v13/providers/activedirectory"},"groupTypeRaw":{"name":"groupTypeRaw","type":"\u0005","is_mandatory":true,"title":"Raw groupType flags","provider":"go.mondoo.com/mql/v13/providers/activedirectory"},"isPrivileged":{"name":"isPrivileged","type":"\u0004","is_mandatory":true,"title":"Whether this is a built-in privileged group","provider":"go.mondoo.com/mql/v13/providers/activedirectory"},"memberCount":{"name":"memberCount","type":"\u0005","title":"Member count","provider":"go.mondoo.com/mql/v13/providers/activedirectory"},"members":{"name":"members","type":"\u0019\u001bactivedirectory.groupMember","title":"Direct members","provider":"go.mondoo.com/mql/v13/providers/activedirectory"},"ouPath":{"name":"ouPath","type":"\u0007","is_mandatory":true,"title":"Organizational Unit path","provider":"go.mondoo.com/mql/v13/providers/activedirectory"},"sAMAccountName":{"name":"sAMAccountName","type":"\u0007","is_mandatory":true,"title":"sAMAccountName","provider":"go.mondoo.com/mql/v13/providers/activedirectory"},"sid":{"name":"sid","type":"\u0007","is_mandatory":true,"title":"Object SID","provider":"go.mondoo.com/mql/v13/providers/activedirectory"},"whenCreated":{"name":"whenCreated","type":"\t","is_mandatory":true,"title":"Creation timestamp","provider":"go.mondoo.com/mql/v13/providers/activedirectory"}},"title":"Active Directory group","min_provider_version":"13.0.1","defaults":"sAMAccountName groupType","provider":"go.mondoo.com/mql/v13/providers/activedirectory"},"activedirectory.groupMember":{"id":"activedirectory.groupMember","name":"activedirectory.groupMember","fields":{"distinguishedName":{"name":"distinguishedName","type":"\u0007","is_mandatory":true,"title":"Distinguished name","provider":"go.mondoo.com/mql/v13/providers/activedirectory"},"name":{"name":"name","type":"\u0007","is_mandatory":true,"title":"sAMAccountName or name","provider":"go.mondoo.com/mql/v13/providers/activedirectory"},"sid":{"name":"sid","type":"\u0007","is_mandatory":true,"title":"Object SID","provider":"go.mondoo.com/mql/v13/providers/activedirectory"},"type":{"name":"type","type":"\u0007","is_mandatory":true,"title":"Member type (user, group, computer)","provider":"go.mondoo.com/mql/v13/providers/activedirectory"}},"title":"Active Directory group member (can be user, group, or computer)","min_provider_version":"13.0.1","defaults":"name type","provider":"go.mondoo.com/mql/v13/providers/activedirectory"},"activedirectory.ou":{"id":"activedirectory.ou","name":"activedirectory.ou","fields":{"description":{"name":"description","type":"\u0007","is_mandatory":true,"title":"Description","provider":"go.mondoo.com/mql/v13/providers/activedirectory"},"distinguishedName":{"name":"distinguishedName","type":"\u0007","is_mandatory":true,"title":"Distinguished name","provider":"go.mondoo.com/mql/v13/providers/activedirectory"},"gpoInheritanceBlocked":{"name":"gpoInheritanceBlocked","type":"\u0004","is_mandatory":true,"title":"Whether GPO inheritance is blocked","provider":"go.mondoo.com/mql/v13/providers/activedirectory"},"linkedGpos":{"name":"linkedGpos","type":"\u0019\u001bactivedirectory.gpoLink","title":"Linked GPOs in link order","provider":"go.mondoo.com/mql/v13/providers/activedirectory"},"name":{"name":"name","type":"\u0007","is_mandatory":true,"title":"OU name","provider":"go.mondoo.com/mql/v13/providers/activedirectory"},"whenCreated":{"name":"whenCreated","type":"\t","is_mandatory":true,"title":"Creation timestamp","provider":"go.mondoo.com/mql/v13/providers/activedirectory"}},"title":"Active Directory Organizational Unit","min_provider_version":"13.0.1","defaults":"name","provider":"go.mondoo.com/mql/v13/providers/activedirectory"},"activedirectory.pkiObject":{"id":"activedirectory.pkiObject","name":"activedirectory.pkiObject","fields":{"dangerousAclPrincipals":{"name":"dangerousAclPrincipals","type":"\u0019\u0007","is_mandatory":true,"title":"Principals with dangerous write-equivalent rights","provider":"go.mondoo.com/mql/v13/providers/activedirectory"},"distinguishedName":{"name":"distinguishedName","type":"\u0007","is_mandatory":true,"title":"Distinguished name","provider":"go.mondoo.com/mql/v13/providers/activedirectory"},"isVulnerableESC5":{"name":"isVulnerableESC5","type":"\u0004","is_mandatory":true,"title":"Whether the object is vulnerable to ESC5 (dangerous write-equivalent ACLs)","provider":"go.mondoo.com/mql/v13/providers/activedirectory"},"name":{"name":"name","type":"\u0007","is_mandatory":true,"title":"Relative name of the PKI object","provider":"go.mondoo.com/mql/v13/providers/activedirectory"},"objectClass":{"name":"objectClass","type":"\u0007","is_mandatory":true,"title":"Primary object class","provider":"go.mondoo.com/mql/v13/providers/activedirectory"},"whenChanged":{"name":"whenChanged","type":"\t","is_mandatory":true,"title":"Last modified timestamp","provider":"go.mondoo.com/mql/v13/providers/activedirectory"},"whenCreated":{"name":"whenCreated","type":"\t","is_mandatory":true,"title":"Creation timestamp","provider":"go.mondoo.com/mql/v13/providers/activedirectory"}},"title":"Active Directory PKI object under CN=Public Key Services for ESC5 analysis","min_provider_version":"13.0.1","defaults":"name objectClass","provider":"go.mondoo.com/mql/v13/providers/activedirectory"},"activedirectory.trust":{"id":"activedirectory.trust","name":"activedirectory.trust","fields":{"aesEncryption":{"name":"aesEncryption","type":"\u0004","is_mandatory":true,"title":"Whether the trust uses AES encryption","provider":"go.mondoo.com/mql/v13/providers/activedirectory"},"isAzureADTrust":{"name":"isAzureADTrust","type":"\u0004","is_mandatory":true,"title":"Whether the trust is to Azure AD","provider":"go.mondoo.com/mql/v13/providers/activedirectory"},"isTransitive":{"name":"isTransitive","type":"\u0004","is_mandatory":true,"title":"Whether the trust is transitive","provider":"go.mondoo.com/mql/v13/providers/activedirectory"},"rc4Encryption":{"name":"rc4Encryption","type":"\u0004","is_mandatory":true,"title":"Whether the trust uses RC4 encryption (weak)","provider":"go.mondoo.com/mql/v13/providers/activedirectory"},"selectiveAuthentication":{"name":"selectiveAuthentication","type":"\u0004","is_mandatory":true,"title":"Whether selective authentication is used","provider":"go.mondoo.com/mql/v13/providers/activedirectory"},"sidFilteringEnabled":{"name":"sidFilteringEnabled","type":"\u0004","is_mandatory":true,"title":"Whether SID filtering is enabled","provider":"go.mondoo.com/mql/v13/providers/activedirectory"},"sidHistoryEnabled":{"name":"sidHistoryEnabled","type":"\u0004","is_mandatory":true,"title":"Whether SID history is enabled across the trust","provider":"go.mondoo.com/mql/v13/providers/activedirectory"},"sourceDomain":{"name":"sourceDomain","type":"\u0007","is_mandatory":true,"title":"Source domain name","provider":"go.mondoo.com/mql/v13/providers/activedirectory"},"targetDomain":{"name":"targetDomain","type":"\u0007","is_mandatory":true,"title":"Target domain name","provider":"go.mondoo.com/mql/v13/providers/activedirectory"},"tgtDelegation":{"name":"tgtDelegation","type":"\u0004","is_mandatory":true,"title":"Whether TGT delegation is enabled","provider":"go.mondoo.com/mql/v13/providers/activedirectory"},"trustAttributes":{"name":"trustAttributes","type":"\u0005","is_mandatory":true,"title":"Trust attributes raw value","provider":"go.mondoo.com/mql/v13/providers/activedirectory"},"trustDirection":{"name":"trustDirection","type":"\u0007","is_mandatory":true,"title":"Trust direction (Inbound, Outbound, Bidirectional)","provider":"go.mondoo.com/mql/v13/providers/activedirectory"},"trustType":{"name":"trustType","type":"\u0007","is_mandatory":true,"title":"Trust type (External, Forest, ParentChild, CrossLink, MIT)","provider":"go.mondoo.com/mql/v13/providers/activedirectory"},"whenCreated":{"name":"whenCreated","type":"\t","is_mandatory":true,"title":"Trust creation timestamp","provider":"go.mondoo.com/mql/v13/providers/activedirectory"}},"title":"Active Directory domain trust","min_provider_version":"13.0.1","defaults":"targetDomain trustType trustDirection","provider":"go.mondoo.com/mql/v13/providers/activedirectory"},"activedirectory.user":{"id":"activedirectory.user","name":"activedirectory.user","fields":{"adminCount":{"name":"adminCount","type":"\u0004","is_mandatory":true,"title":"Admin count flag (indicates adminSDHolder protection)","provider":"go.mondoo.com/mql/v13/providers/activedirectory"},"constrainedDelegationTargets":{"name":"constrainedDelegationTargets","type":"\u0019\u0007","is_mandatory":true,"title":"Constrained delegation targets (msDS-AllowedToDelegateTo)","provider":"go.mondoo.com/mql/v13/providers/activedirectory"},"daysSinceLastLogon":{"name":"daysSinceLastLogon","type":"\u0005","is_mandatory":true,"title":"Days since last logon","provider":"go.mondoo.com/mql/v13/providers/activedirectory"},"description":{"name":"description","type":"\u0007","is_mandatory":true,"title":"Description (may contain credentials in misconfigured environments)","provider":"go.mondoo.com/mql/v13/providers/activedirectory"},"displayName":{"name":"displayName","type":"\u0007","is_mandatory":true,"title":"Display name","provider":"go.mondoo.com/mql/v13/providers/activedirectory"},"distinguishedName":{"name":"distinguishedName","type":"\u0007","is_mandatory":true,"title":"Distinguished name","provider":"go.mondoo.com/mql/v13/providers/activedirectory"},"email":{"name":"email","type":"\u0007","is_mandatory":true,"title":"Email address","provider":"go.mondoo.com/mql/v13/providers/activedirectory"},"enabled":{"name":"enabled","type":"\u0004","is_mandatory":true,"title":"Whether the account is enabled","provider":"go.mondoo.com/mql/v13/providers/activedirectory"},"isDomainAdmin":{"name":"isDomainAdmin","type":"\u0004","title":"Whether user is member of Domain Admins","provider":"go.mondoo.com/mql/v13/providers/activedirectory"},"isEnterpriseAdmin":{"name":"isEnterpriseAdmin","type":"\u0004","title":"Whether user is member of Enterprise Admins","provider":"go.mondoo.com/mql/v13/providers/activedirectory"},"isGMSA":{"name":"isGMSA","type":"\u0004","is_mandatory":true,"title":"Whether the account is a Group Managed Service Account","provider":"go.mondoo.com/mql/v13/providers/activedirectory"},"isPrivileged":{"name":"isPrivileged","type":"\u0004","title":"Whether user is member of any privileged group","provider":"go.mondoo.com/mql/v13/providers/activedirectory"},"isSchemaAdmin":{"name":"isSchemaAdmin","type":"\u0004","title":"Whether user is member of Schema Admins","provider":"go.mondoo.com/mql/v13/providers/activedirectory"},"isStale":{"name":"isStale","type":"\u0004","is_mandatory":true,"title":"Whether the account is stale (\u003e90 days since last logon)","provider":"go.mondoo.com/mql/v13/providers/activedirectory"},"kerberoastable":{"name":"kerberoastable","type":"\u0004","is_mandatory":true,"title":"Whether the account is Kerberoastable (has SPN and is not krbtgt/computer)","provider":"go.mondoo.com/mql/v13/providers/activedirectory"},"kerberosPreAuthNotRequired":{"name":"kerberosPreAuthNotRequired","type":"\u0004","is_mandatory":true,"title":"Whether Kerberos pre-authentication is disabled (AS-REP roastable)","provider":"go.mondoo.com/mql/v13/providers/activedirectory"},"lastLogonTimestamp":{"name":"lastLogonTimestamp","type":"\t","is_mandatory":true,"title":"Last logon timestamp (from lastLogonTimestamp)","provider":"go.mondoo.com/mql/v13/providers/activedirectory"},"memberOf":{"name":"memberOf","type":"\u0019\u0007","is_mandatory":true,"title":"Group memberships (direct)","provider":"go.mondoo.com/mql/v13/providers/activedirectory"},"ouPath":{"name":"ouPath","type":"\u0007","is_mandatory":true,"title":"Organizational Unit path","provider":"go.mondoo.com/mql/v13/providers/activedirectory"},"passwordAgeDays":{"name":"passwordAgeDays","type":"\u0005","is_mandatory":true,"title":"Password age in days","provider":"go.mondoo.com/mql/v13/providers/activedirectory"},"passwordNeverExpires":{"name":"passwordNeverExpires","type":"\u0004","is_mandatory":true,"title":"Whether password never expires","provider":"go.mondoo.com/mql/v13/providers/activedirectory"},"passwordNotRequired":{"name":"passwordNotRequired","type":"\u0004","is_mandatory":true,"title":"Whether password is not required","provider":"go.mondoo.com/mql/v13/providers/activedirectory"},"protectedUser":{"name":"protectedUser","type":"\u0004","title":"Whether account is a member of Protected Users group","provider":"go.mondoo.com/mql/v13/providers/activedirectory"},"pwdLastSet":{"name":"pwdLastSet","type":"\t","is_mandatory":true,"title":"Last password set timestamp","provider":"go.mondoo.com/mql/v13/providers/activedirectory"},"reversibleEncryption":{"name":"reversibleEncryption","type":"\u0004","is_mandatory":true,"title":"Whether reversible password encryption is allowed for the account","provider":"go.mondoo.com/mql/v13/providers/activedirectory"},"sAMAccountName":{"name":"sAMAccountName","type":"\u0007","is_mandatory":true,"title":"sAMAccountName (pre-Windows 2000 logon name)","provider":"go.mondoo.com/mql/v13/providers/activedirectory"},"sensitiveAndCannotBeDelegated":{"name":"sensitiveAndCannotBeDelegated","type":"\u0004","is_mandatory":true,"title":"Whether account is sensitive and cannot be delegated","provider":"go.mondoo.com/mql/v13/providers/activedirectory"},"servicePrincipalNames":{"name":"servicePrincipalNames","type":"\u0019\u0007","is_mandatory":true,"title":"Service Principal Names","provider":"go.mondoo.com/mql/v13/providers/activedirectory"},"sid":{"name":"sid","type":"\u0007","is_mandatory":true,"title":"Object SID","provider":"go.mondoo.com/mql/v13/providers/activedirectory"},"sidHistory":{"name":"sidHistory","type":"\u0019\u0007","is_mandatory":true,"title":"SID history (for migration tracking / potential abuse)","provider":"go.mondoo.com/mql/v13/providers/activedirectory"},"useDesKeyOnly":{"name":"useDesKeyOnly","type":"\u0004","is_mandatory":true,"title":"Whether account uses DES-only Kerberos encryption","provider":"go.mondoo.com/mql/v13/providers/activedirectory"},"userAccountControl":{"name":"userAccountControl","type":"\u0005","is_mandatory":true,"title":"userAccountControl raw flags","provider":"go.mondoo.com/mql/v13/providers/activedirectory"},"userPrincipalName":{"name":"userPrincipalName","type":"\u0007","is_mandatory":true,"title":"User Principal Name (user@domain.com)","provider":"go.mondoo.com/mql/v13/providers/activedirectory"},"whenCreated":{"name":"whenCreated","type":"\t","is_mandatory":true,"title":"Account creation timestamp","provider":"go.mondoo.com/mql/v13/providers/activedirectory"}},"title":"Active Directory user account","min_provider_version":"13.0.1","defaults":"sAMAccountName displayName enabled","provider":"go.mondoo.com/mql/v13/providers/activedirectory"}}}