pingcastle
pingcastle copied to clipboard
"PingCastle.exe --export computer" needs a description - tested in 3.1.0.0 Beta1
I have been testing the current 3.1.0.0 beta1 because the export computer feature became interesting to me after MS and Windows LAPS details were added. So I had some questions, and since the beta1 source code is not public yet, I was not able to figure it out myself.
- Is
Disabled
always the opposite ofEnabled
- it seems to be. - Is
Active
always the opposite ofInactive
- theDisabled
andEnabled
states affect the value, so no. - What are the both LAPS true/false values based on? Best would be the count/date of AD Replication Metadata of timestamp of the schema attributes here (
msLAPS-PasswordExpirationTime
,ms-Mcs-AdmPwdExpirationTime
) if you are not querying all GPOs to get information about which computer should have which policy (would be the best). - Is
locked
for bad password lockout or for account lockout?
Is there anything else to know about this data, or is there already a description somewhere?