Active Directory Report
Report created on Dec 4, 2018 03:37 AM
Report: 12-04-2018
Company Information
DomainAD Recycle BinInfrastructure MasterRID MasterPDC EmulatorDomain Naming MasterSchema Master
TheLazyAdministrator.comEnabledbwdc01.TheLazyAdministrator.combwdc01.TheLazyAdministrator.combwdc01.TheLazyAdministrator.combwdc01.TheLazyAdministrator.combwdc01.TheLazyAdministrator.com
Groups
Domain Administrators
NameEnabledType
Bradley WyattTrueuser
Brad WyattTrueuser
Frank AndersonTrueuser
Enterprise Administrators
NameEnabledType
Ron HamstringTrueuser
Bradley WyattTrueuser
Objects in Default OUs
Computers
NameEnabledOperating SystemModified DatePassword Last SetProtect from Deletion
Test-PCTrueWindows Server 2012 R212/4/2018 3:19:32 AM12/3/2018 7:27:51 PMFalse
test-pc2FalseWindows 10 Pro12/4/2018 3:20:05 AM12/3/2018 7:28:51 PMFalse
test-pc3TrueWindows Server 201212/4/2018 3:17:04 AM12/3/2018 7:28:53 PMFalse
test-pc4TrueWindows 7 Ultimate12/4/2018 3:20:15 AM12/3/2018 7:28:55 PMFalse
test-pc5TrueWindows 10 Pro12/4/2018 3:22:15 AM12/3/2018 7:28:57 PMFalse
test-pc6TrueWindows 8 Ultimate12/4/2018 3:20:23 AM12/3/2018 7:28:59 PMFalse
test-pc7TrueWindows 10 Pro12/4/2018 3:20:39 AM12/3/2018 7:29:00 PMFalse
test-pc8TrueWindows 10 Pro12/4/2018 3:20:43 AM12/3/2018 7:29:02 PMFalse
test-pc9TrueWindows 10 Pro12/4/2018 3:20:47 AM12/3/2018 7:29:04 PMFalse
test-pc10TrueWindows 1012/4/2018 3:10:48 AM12/3/2018 7:29:06 PMFalse
test-pc111FalseWindows 10 Pro12/4/2018 3:19:45 AM12/3/2018 7:29:09 PMFalse
test-pc11TrueWindows Server 2012 R212/4/2018 3:18:26 AM12/3/2018 7:29:11 PMFalse
test-pc12TrueWindows 10 Pro12/4/2018 3:19:49 AM12/3/2018 7:29:13 PMFalse
test-pc13FalseWindows 7 Pro12/4/2018 3:10:57 AM12/3/2018 7:29:14 PMFalse
test-pc14FalseWindows 7 Ultimate12/4/2018 3:11:09 AM12/3/2018 7:29:18 PMFalse
test-pc154FalseWindows 10 Pro12/4/2018 3:20:00 AM12/3/2018 7:29:20 PMFalse
test-pc15FalseWindows 10 Pro12/4/2018 3:19:53 AM12/3/2018 7:29:22 PMFalse
win10pcTrueWindows 10 Pro12/4/2018 2:59:06 AM12/4/2018 2:59:05 AMFalse
Users
NameUserPrincipalNameEnabledProtected from DeletionLast LogonEmail Address
Wedding[email protected]TrueFalseNever[email protected]
Ron Hamstring[email protected]TrueFalseNever[email protected]
Bradley Wyatt[email protected]TrueFalse12/4/2018 2:59:05 AM
GuestFalseFalseNever
DefaultAccountFalseFalseNever
krbtgtFalseFalseNever
AD Objects Modified in Last 3 Days
NameObject TypeWhen Changed
Default Domain PolicygroupPolicyContainer12/2/2018 1:00:55 AM
Bradley Wyattuser12/2/2018 1:45:38 AM
Enterprise Adminsgroup12/2/2018 2:07:35 AM
Domain Adminsgroup12/2/2018 12:48:41 AM
thelazyadministratororganizationalUnit12/2/2018 11:46:32 PM
Ron Hamstringuser12/3/2018 3:15:41 AM
Brad Wyattuser12/2/2018 1:06:16 AM
a distrogroup12/1/2018 6:04:59 PM
distro group 2group12/2/2018 11:46:32 PM
no usersgroup12/2/2018 11:46:40 PM
Frank Andersonuser12/2/2018 11:57:32 PM
Patrick Staruser12/2/2018 11:46:06 PM
Gin Ntonicuser12/3/2018 6:36:17 PM
Joe Schmouser12/3/2018 6:36:40 PM
Test-PCcomputer12/4/2018 3:19:32 AM
test-pc2computer12/4/2018 3:20:05 AM
test-pc3computer12/4/2018 3:17:04 AM
test-pc4computer12/4/2018 3:20:15 AM
test-pc5computer12/4/2018 3:22:15 AM
test-pc6computer12/4/2018 3:20:23 AM
test-pc7computer12/4/2018 3:20:39 AM
test-pc8computer12/4/2018 3:20:43 AM
test-pc9computer12/4/2018 3:20:47 AM
test-pc10computer12/4/2018 3:10:48 AM
test-pc111computer12/4/2018 3:19:45 AM
test-pc11computer12/4/2018 3:18:26 AM
test-pc12computer12/4/2018 3:19:49 AM
test-pc13computer12/4/2018 3:10:57 AM
test-pc14computer12/4/2018 3:11:09 AM
test-pc154computer12/4/2018 3:20:00 AM
test-pc15computer12/4/2018 3:19:53 AM
win10pccomputer12/4/2018 2:59:06 AM
NameObject TypeWhen Changed
Expiring Items
Users with Passwords Expiring in less than 7 days
NameDays Until Password Expires
Brad Wyatt4
Gin Ntonic6
Accounts Expiring Soon
NameUserPrincipalNameExpiration DateEnabled
Patrick Star[email protected]12/5/2018 12:00:00 AMTrue
Accounts
Users Haven't Logged on in 1 Days
NameUserPrincipalNameEnabledProtected from DeletionLast LogonPassword Never ExpiresDays Until Password Expires
Bradley Wyatt[email protected]TrueFalse12/4/2018 2:59:05 AMTrueN/A
Brad Wyatt[email protected]TrueFalse12/2/2018 12:48:58 AMFalse4
Accounts Created in 7 Days or Less
NameEnabledCreation Date
Frank AndersonTrue11/30/2018 5:00:22 PM
Patrick StarTrue12/2/2018 10:51:13 PM
Gin NtonicTrue12/3/2018 6:36:17 PM
Joe SchmoTrue12/3/2018 6:36:40 PM
Security Logs
TimeTypeMessage
12/4/2018 3:36:09 AMSuccessAuditAn account was logged off. Subject: Security ID: S-1-5-18 Account Name: bwdc01$ Account Domain: THELAZYADMIN Logon ID: 0xe848e5 Logon Type: 3 This event is generated when a logon session is destroyed. It may be positively correlated with a logon event using the Logon ID value. Logon IDs are only unique between reboots on the same computer.
12/4/2018 3:36:09 AMSuccessAuditAn account was successfully logged on. Subject: Security ID: S-1-0-0 Account Name: - Account Domain: - Logon ID: 0x0 Logon Information: Logon Type: 3 Restricted Admin Mode: - Virtual Account: %%1843 Elevated Token: %%1842 Impersonation Level: %%1833 New Logon: Security ID: S-1-5-18 Account Name: bwdc01$ Account Domain: THELAZYADMINISTRATOR.COM Logon ID: 0xe848e5 Linked Logon ID: 0x0 Network Account Name: - Network Account Domain: - Logon GUID: {ADFC8078-32D3-B8A2-CE40-71E7013D02E7} Process Information: Process ID: 0x0 Process Name: - Network Information: Workstation Name: - Source Network Address: ::1 Source Port: 64397 Detailed Authentication Information: Logon Process: Kerberos Authentication Package: Kerberos Transited Services: - Package Name (NTLM only): - Key Length: 0 This event is generated when a logon session is created. It is generated on the computer that was accessed. The subject fields indicate the account on the local system which requested the logon. This is most commonly a service such as the Server service, or a local process such as Winlogon.exe or Services.exe. The logon type field indicates the kind of logon that occurred. The most common types are 2 (interactive) and 3 (network). The New Logon fields indicate the account for whom the new logon was created, i.e. the account that was logged on. The network fields indicate where a remote logon request originated. Workstation name is not always available and may be left blank in some cases. The impersonation level field indicates the extent to which a process in the logon session can impersonate. The authentication information fields provide detailed information about this specific logon request. - Logon GUID is a unique identifier that can be used to correlate this event with a KDC event. - Transited services indicate which intermediate services have participated in this logon request. - Package name indicates which sub-protocol was used among the NTLM protocols. - Key length indicates the length of the generated session key. This will be 0 if no session key was requested.
12/4/2018 3:36:03 AMSuccessAuditAn account was logged off. Subject: Security ID: S-1-5-18 Account Name: bwdc01$ Account Domain: THELAZYADMIN Logon ID: 0xe75ac9 Logon Type: 3 This event is generated when a logon session is destroyed. It may be positively correlated with a logon event using the Logon ID value. Logon IDs are only unique between reboots on the same computer.
UPN Suffixes
UPN SuffixesValid
lbhsoftware.comTrue
o365admin.centerTrue
britandbrad.comTrue
askbone.comTrue
bwya77.comTrue
thelazyadministrator.comTrue

Report: 12-04-2018
Groups Overivew
Total GroupsMail-Enabled Security GroupsSecurity GroupsDistribution Groups
601536
Active Directory Groups
NameTypeMembersManaged ByE-mail AddressProtected from DeletionDefault AD Group
AdministratorsSecurity GroupDomain Admins, Enterprise Admins, Bradley WyattFalseTrue
UsersSecurity GroupDomain Users, Authenticated Users, INTERACTIVEFalseTrue
GuestsSecurity GroupDomain Guests, GuestFalseTrue
Print OperatorsSecurity GroupFalseTrue
Backup OperatorsSecurity GroupFalseTrue
ReplicatorSecurity GroupFalseTrue
Remote Desktop UsersSecurity GroupFalseTrue
Network Configuration OperatorsSecurity GroupFalseTrue
Performance Monitor UsersSecurity GroupFalseTrue
Performance Log UsersSecurity GroupFalseTrue
Distributed COM UsersSecurity GroupFalseTrue
IIS_IUSRSSecurity GroupIUSRFalseTrue
Cryptographic OperatorsSecurity GroupFalseTrue
Event Log ReadersSecurity GroupFalseTrue
Certificate Service DCOM AccessSecurity GroupFalseTrue
RDS Remote Access ServersSecurity GroupFalseTrue
RDS Endpoint ServersSecurity GroupFalseTrue
RDS Management ServersSecurity GroupFalseTrue
Hyper-V AdministratorsSecurity GroupFalseTrue
Access Control Assistance OperatorsSecurity GroupFalseTrue
Remote Management UsersSecurity GroupFalseTrue
System Managed Accounts GroupSecurity GroupDefaultAccountFalseTrue
Storage Replica AdministratorsSecurity GroupFalseTrue
Domain ComputersSecurity GroupTest-PC, test-pc154, test-pc14, test-pc13, test-pc12, test-pc11, test-pc111, test-pc10, test-pc9, test-pc8, test-pc7, test-pc6, test-pc5, test-pc4, test-pc3, test-pc2, test-pc15, win10pcFalseTrue
Domain ControllersSecurity Groupbwdc01FalseTrue
Schema AdminsSecurity GroupBradley WyattFalseTrue
Enterprise AdminsSecurity GroupRon Hamstring, Bradley WyattFalseTrue
Cert PublishersSecurity GroupFalseTrue
Domain AdminsSecurity GroupBradley Wyatt, Brad Wyatt, Frank AndersonFalseTrue
Domain UsersSecurity GroupSkipped Domain Users MembershipFalseTrue
Domain GuestsSecurity GroupGuestFalseTrue
Group Policy Creator OwnersSecurity GroupBradley WyattFalseTrue
RAS and IAS ServersSecurity GroupFalseTrue
Server OperatorsSecurity GroupFalseTrue
Account OperatorsSecurity GroupFalseTrue
Pre-Windows 2000 Compatible AccessSecurity GroupAuthenticated UsersFalseFalse
Incoming Forest Trust BuildersSecurity GroupFalseTrue
Windows Authorization Access GroupSecurity GroupENTERPRISE DOMAIN CONTROLLERSFalseTrue
Terminal Server License ServersSecurity GroupFalseTrue
Allowed RODC Password Replication GroupSecurity GroupFalseTrue
Denied RODC Password Replication GroupSecurity GroupRead-only Domain Controllers, Group Policy Creator Owners, Domain Admins, Cert Publishers, Enterprise Admins, Schema Admins, Domain Controllers, krbtgtFalseTrue
Read-only Domain ControllersSecurity GroupFalseTrue
Enterprise Read-only Domain ControllersSecurity GroupFalseTrue
Cloneable Domain ControllersSecurity GroupFalseTrue
Protected UsersSecurity GroupFalseTrue
Key AdminsSecurity GroupFalseTrue
Enterprise Key AdminsSecurity GroupFalseTrue
DnsAdminsSecurity GroupFalseTrue
DnsUpdateProxySecurity GroupFalseTrue
testbaddomainDistribution GroupBrad Wyatt[email protected]FalseFalse
Itune - Personal DevicesSecurity GroupFalseFalse
Intune - Company DevicesSecurity GroupFalseFalse
SecuritySecurity GroupFalseFalse
Security Group testSecurity GroupWeddingFalseFalse
a distroDistribution GroupBradley Wyatt, Brad Wyatt, The Lazy AdministratorBrad Wyatt[email protected]FalseFalse
distro group 1Distribution Groupa distroBrad Wyatt[email protected]FalseFalse
distro group 2Distribution GroupBrad Wyatt[email protected]TrueFalse
lots usersDistribution Groupa distroBrad Wyatt[email protected]FalseFalse
no usersDistribution GroupBrad Wyatt[email protected]TrueFalse
ME GroupMail-Enabled Security Group[email protected]FalseFalse
Domain Administrators
NameEnabledType
Bradley WyattTrueuser
Brad WyattTrueuser
Frank AndersonTrueuser
Enterprise Administrators
NameEnabledType
Ron HamstringTrueuser
Bradley WyattTrueuser
Active Directory Groups Chart

Report: 12-04-2018
Organizational Units
NameLinked GPOsModified DateProtected from Deletion
Domain ControllersDefault Domain Controllers Policy11/16/2018 3:13:02 PMFalse
dropNone11/16/2018 3:39:51 PMTrue
bwya77None11/16/2018 4:15:20 PMTrue
thelazyadministratorSuper Strict GPO, test policy12/2/2018 11:46:32 PMTrue
gmailNone11/16/2018 5:08:22 PMTrue
Organizational Units Charts

Report: 12-04-2018
Users Overivew
Total UsersUsers with Passwords Expiring in less than 7 daysExpiring AccountsUsers Haven't Logged on in 1 Days
14212
Active Directory Users
NameUserPrincipalNameEnabledProtected from DeletionLast LogonEmail AddressAccount ExpirationChange Password Next LogonPassword Last SetPassword Never ExpiresDays Until Password Expires
Bradley Wyatt[email protected]TrueFalse12/4/2018 2:59:05 AMFalse11/15/2018 5:27:53 PMTrueN/A
GuestFalseFalseNeverFalseTrueN/A
DefaultAccountFalseFalseNeverFalseTrueN/A
krbtgtFalseFalseNeverTrue11/16/2018 3:14:59 PMFalseN/A
Wedding[email protected]TrueFalseNever[email protected]TrueFalseUser has never logged on
Ron Hamstring[email protected]TrueFalseNever[email protected]TrueFalseUser has never logged on
test user[email protected]TrueFalseNever[email protected]TrueFalseUser has never logged on
Brad Wyatt[email protected]TrueFalse12/2/2018 12:48:58 AM[email protected]False12/2/2018 12:47:49 AMFalse4
testshared[email protected]TrueFalseNever[email protected]12/4/2018 12:00:00 AMTrueFalseUser has never logged on
The Lazy Administrator[email protected]TrueFalseNever[email protected]TrueFalseUser has never logged on
Frank Anderson[email protected]TrueFalseNeverTrueFalseUser has never logged on
Patrick Star[email protected]TrueTrueNever12/5/2018 12:00:00 AMTrueFalseUser has never logged on
Gin Ntonic[email protected]TrueFalseNeverFalse12/3/2018 6:36:17 PMFalse6
Joe Schmo[email protected]TrueFalseNeverTrueFalseUser has never logged on
Expiring Items
Users with Passwords Expiring in less than 7 days
NameDays Until Password Expires
Brad Wyatt4
Gin Ntonic6
Accounts Expiring Soon
NameUserPrincipalNameExpiration DateEnabled
Patrick Star[email protected]12/5/2018 12:00:00 AMTrue
Accounts
Users Haven't Logged on in 1 Days
NameUserPrincipalNameEnabledProtected from DeletionLast LogonPassword Never ExpiresDays Until Password Expires
Bradley Wyatt[email protected]TrueFalse12/4/2018 2:59:05 AMTrueN/A
Brad Wyatt[email protected]TrueFalse12/2/2018 12:48:58 AMFalse4
Accounts Created in 7 Days or Less
NameEnabledCreation Date
Frank AndersonTrue11/30/2018 5:00:22 PM
Patrick StarTrue12/2/2018 10:51:13 PM
Gin NtonicTrue12/3/2018 6:36:17 PM
Joe SchmoTrue12/3/2018 6:36:40 PM
Users Charts

Report: 12-04-2018
Group Policies
NameStatusModified DateUser VersionComputer Version
Default Domain PolicyAllSettingsEnabled12/2/2018 1:00:54 AM07
test policyAllSettingsEnabled12/1/2018 2:18:50 AM40
Default Domain Controllers PolicyAllSettingsEnabled11/16/2018 3:13:02 PM01
Super Strict GPOAllSettingsEnabled12/1/2018 2:58:10 AM00

Report: 12-04-2018
Computers Overivew
Total ComputersServer 2016Server 2012 R2Server 2012Server 2008 R2Windows 10Windows 8Windows 7
1912101113
Computers
NameEnabledOperating SystemModified DatePassword Last SetProtect from Deletion
bwdc01TrueWindows Server 2016 Datacenter11/29/2018 9:34:27 PM11/16/2018 3:15:15 PMFalse
Test-PCTrueWindows Server 2012 R212/4/2018 3:19:32 AM12/3/2018 7:27:51 PMFalse
test-pc2FalseWindows 10 Pro12/4/2018 3:20:05 AM12/3/2018 7:28:51 PMFalse
test-pc3TrueWindows Server 201212/4/2018 3:17:04 AM12/3/2018 7:28:53 PMFalse
test-pc4TrueWindows 7 Ultimate12/4/2018 3:20:15 AM12/3/2018 7:28:55 PMFalse
test-pc5TrueWindows 10 Pro12/4/2018 3:22:15 AM12/3/2018 7:28:57 PMFalse
test-pc6TrueWindows 8 Ultimate12/4/2018 3:20:23 AM12/3/2018 7:28:59 PMFalse
test-pc7TrueWindows 10 Pro12/4/2018 3:20:39 AM12/3/2018 7:29:00 PMFalse
test-pc8TrueWindows 10 Pro12/4/2018 3:20:43 AM12/3/2018 7:29:02 PMFalse
test-pc9TrueWindows 10 Pro12/4/2018 3:20:47 AM12/3/2018 7:29:04 PMFalse
test-pc10TrueWindows 1012/4/2018 3:10:48 AM12/3/2018 7:29:06 PMFalse
test-pc111FalseWindows 10 Pro12/4/2018 3:19:45 AM12/3/2018 7:29:09 PMFalse
test-pc11TrueWindows Server 2012 R212/4/2018 3:18:26 AM12/3/2018 7:29:11 PMFalse
test-pc12TrueWindows 10 Pro12/4/2018 3:19:49 AM12/3/2018 7:29:13 PMFalse
test-pc13FalseWindows 7 Pro12/4/2018 3:10:57 AM12/3/2018 7:29:14 PMFalse
test-pc14FalseWindows 7 Ultimate12/4/2018 3:11:09 AM12/3/2018 7:29:18 PMFalse
test-pc154FalseWindows 10 Pro12/4/2018 3:20:00 AM12/3/2018 7:29:20 PMFalse
test-pc15FalseWindows 10 Pro12/4/2018 3:19:53 AM12/3/2018 7:29:22 PMFalse
win10pcTrueWindows 10 Pro12/4/2018 2:59:06 AM12/4/2018 2:59:05 AMFalse
Computers Charts
Computers Operating System Breakdown