CONN - Active Directory Identity Collector #184
Description
Identity Source (Implementation and Validation)
Problem Statement
We need to scan Active Directory for trustee information
Description
Implement an identity scanner for Active Directory
Personas Target User(s)
AD Admins
Security Admins (For effective access)
Goal / Purpose
Scalable, performant scanning of Active Directory to collect information about Users, Groups and Computers.
Acceptance Criteria
Delta Scans - Scans should only return changes since last scan and merge results into the database
Configuration
Use SSL (Optional)
Port number (Optional)
Domain Controller (Required)
Required attributes
All Object Types
AdminCount
PrimaryGroupID
DomainName
DomainCanonicalName
SamAccountName
DIsplayName
Description
ObjectSID
DistinguishedName
CN
WhenCreated
WhenChanged
Users
msDS-AllowedToActOnBehalfOf
msDS-AllowedToDelegateTo
msDS-SupportedEncryptionTypes
servicePrincipalName
Mail
LastLogonTimeStamp
AccountExpires
Title
Company
Department
Manager
UserAccountControl
msDSUserAccountControlComputer
TelephoneNumber
PwdLastSetDate
LegacyExchangeDN
Groups
Mail
GroupType
Computers
msDS-AllowedToActOnBehalfOf
msDS-AllowedToDelegateTo
msDS-SupportedEncryptionTypes
servicePrincipalName
OperatingSystem
Location
LastLogonTimestamp
UserAccountControl
PwdlastSetDate