-
+
Microsoft AD As Built Report
Zen Pr Solutions
+| Author: | Jonathan Colon |
|---|---|
| Date: | Friday, October 29, 2021 |
| Date: | Monday, January 24, 2022 |
| Version: | 1.0 |
-
-
Microsoft AD As Built Report - v1.0
Table of Contents
| 1 | ZENPR.LOCAL Active Directory Report | |||||
| 1.1 | Forest Information. | |||||
| 1.1.1 | Optional Features | |||||
| 1.1.2 | Domain Sites | |||||
| 1.1.3 | Site Links | |||||
| 1.2 | Active Directory Domain Information | |||||
| 1.2.1 | ZENPR.LOCAL Domain Configuration | |||||
| 1.2.1.1 | Flexible Single Master Operations (FSMO) | |||||
| 1.2.1.2 | Domain and Trusts | |||||
| 1.2.1.3 | Domain Object Count | |||||
| 1.2.1.4 | Default Domain Password Policy | |||||
| 1.2.1.5 | Fined Grained Password Policies | |||||
| 1.2.1.6 | Group Managed Service Accounts (GMSA) | |||||
| 1.2.1.7 | Domain Controller Summary | |||||
| 1.2.1.7.1 | Hardware Inventory | |||||
| 1.2.1.7.2 | NTDS Information | |||||
| 1.2.1.7.3 | Time Source Information | |||||
| 1.2.1.7.4 | DC Diagnostic | |||||
| 1.2.1.7.5 | SERVER-DC-01V Infrastructure Services Status | |||||
| 1.2.1.7.6 | CAYEY-DC-01V Infrastructure Services Status | |||||
| 1.2.1.7.7 | Sites Replication | |||||
| 1.2.1.7.8 | Sites Replication Failure | |||||
| 1.2.1.7.9 | Group Policy Objects Summary | |||||
| 1.2.1.7.9.1 | GPO with User Logon/Logoff Script | |||||
| 1.2.1.7.9.2 | GPO with Computer Startup/Shutdown Script | |||||
| 1.2.1.7.9.3 | Health Check - Unlinked GPO | |||||
| 1.2.1.7.9.4 | Health Check - Empty GPOs | |||||
| 1.2.1.7.9.5 | Health Check - Enforced GPO | |||||
| 1.2.1.7.10 | Organizational Units | |||||
| 1.2.1.7.10.1 | Health Check - OU with GPO Blocked Inheritance | |||||
| 1.2.2 | ACAD.ZENPR.LOCAL Domain Configuration | |||||
| 1.2.2.1 | Flexible Single Master Operations (FSMO) | |||||
| 1.2.2.2 | Domain and Trusts | |||||
| 1.2.2.3 | Domain Object Count | |||||
| 1.2.2.4 | Default Domain Password Policy | |||||
| 1.2.2.5 | Fined Grained Password Policies | |||||
| 1.2.2.6 | Group Managed Service Accounts (GMSA) | |||||
| 1.2.2.7 | Domain Controller Summary | |||||
| 1.2.2.7.1 | Hardware Inventory | |||||
| 1.2.2.7.2 | NTDS Information | |||||
| 1.2.2.7.3 | Time Source Information | |||||
| 1.2.2.7.4 | DC Diagnostic | |||||
| 1.2.2.7.5 | ACADE-DC-01V Infrastructure Services Status | |||||
| 1.2.2.7.6 | Sites Replication | |||||
| 1.2.2.7.7 | Group Policy Objects Summary | |||||
| 1.2.2.7.7.1 | GPO with User Logon/Logoff Script | |||||
| 1.2.2.7.7.2 | Health Check - Unlinked GPO | |||||
| 1.2.2.7.7.3 | Health Check - Empty GPOs | |||||
| 1.2.2.7.7.4 | Health Check - Enforced GPO | |||||
| 1.2.2.7.8 | Organizational Units | |||||
| 1.2.2.7.8.1 | Health Check - OU with GPO Blocked Inheritance | |||||
| 1.3 | ZENPR.LOCAL Domain Name System Summary | |||||
| 1.3.1 | ZENPR.LOCAL DNS Configuration | |||||
| 1.3.1.1 | Infrastructure Summary | |||||
| 1.3.1.1.1 | Response Rate Limiting (RRL) | |||||
| 1.3.1.1.2 | Scavenging Options | |||||
| 1.3.1.1.3 | Forwarder Options | |||||
| 1.3.1.1.4 | Zone Scope Recursion | |||||
| 1.3.1.2 | SERVER-DC-01V DNS Zone Configuration | |||||
| 1.3.1.2.1 | SERVER-DC-01V Zone Delegation | |||||
| 1.3.1.2.2 | SERVER-DC-01V Reverse Lookup Zone Configuration | |||||
| 1.3.1.2.3 | SERVER-DC-01V Conditional Forwarder | |||||
| 1.3.1.2.4 | SERVER-DC-01V Zone Scope Aging Properties | |||||
| 1.3.1.3 | CAYEY-DC-01V DNS Zone Configuration | |||||
| 1.3.1.3.1 | CAYEY-DC-01V Zone Delegation | |||||
| 1.3.1.3.2 | CAYEY-DC-01V Reverse Lookup Zone Configuration | |||||
| 1.3.1.3.3 | CAYEY-DC-01V Conditional Forwarder | |||||
| 1.3.1.3.4 | CAYEY-DC-01V Zone Scope Aging Properties | |||||
| 1.3.2 | ACAD.ZENPR.LOCAL DNS Configuration | |||||
| 1.3.2.1 | Infrastructure Summary | |||||
| 1.3.2.1.1 | Response Rate Limiting (RRL) | |||||
| 1.3.2.1.2 | Scavenging Options | |||||
| 1.3.2.1.3 | Forwarder Options | |||||
| 1.3.2.1.4 | Zone Scope Recursion | |||||
| 1.4 | ZENPR.LOCAL Dynamic Host Configuration Protocol Summary | |||||
| 1.4.1 | ZENPR.LOCAL Domain DHCP Configuration | |||||
| 1.4.1.1 | DHCP Servers In Active Directory | |||||
| 1.4.1.1.1 | Service Database | |||||
| 1.4.1.1.2 | Dynamic DNS credentials | |||||
| 1.4.1.2 | IPv4 Scope Summary | |||||
| 1.4.1.2.1 | IPv4 Service Statistics | |||||
| 1.4.1.2.2 | CAYEY-DC-01V IPv4 Scopes | |||||
| 1.4.1.2.2.1 | CAYEY-DC-01V IPv4 Scope Statistics | |||||
| 1.4.1.2.2.2 | CAYEY-DC-01V IPv4 Scope Failover | |||||
| 1.4.1.2.2.3 | CAYEY-DC-01V IPv4 Network Interface Binding | |||||
| 1.4.1.2.3 | CAYEY-DC-01V IPv4 Scope Server Options | |||||
| 1.4.1.2.3.1 | Scope DNS Setting | |||||
| 1.4.1.2.3.2 | 10.10.33.0 Scope Options Configuration | |||||
| 1.4.1.2.3.3 | 10.10.34.0 Scope Options Configuration | |||||
| 1.4.1.2.4 | SERVER-DC-01V IPv4 Scopes | |||||
| 1.4.1.2.4.1 | SERVER-DC-01V IPv4 Scope Statistics | |||||
| 1.4.1.2.4.2 | SERVER-DC-01V IPv4 Scope Failover | |||||
| 1.4.1.2.4.3 | SERVER-DC-01V IPv4 Network Interface Binding | |||||
| 1.4.1.2.5 | SERVER-DC-01V IPv4 Scope Server Options | |||||
| 1.4.1.2.5.1 | Scope DNS Setting | |||||
| 1.4.1.2.5.2 | 10.10.32.0 Scope Options Configuration | |||||
| 1.4.1.2.5.3 | 10.10.33.0 Scope Options Configuration | |||||
| 1.4.1.2.5.4 | 10.10.34.0 Scope Options Configuration | |||||
| 1.4.1.2.5.5 | 10.10.35.0 Scope Options Configuration | |||||
| 1.4.1.2.5.6 | 192.168.2.0 Scope Options Configuration | |||||
| 1.4.1.2.5.7 | 192.168.4.0 Scope Options Configuration | |||||
| 1.4.1.2.5.8 | 192.168.6.0 Scope Options Configuration | |||||
| 1.4.1.2.5.9 | 192.168.7.0 Scope Options Configuration | |||||
| 1.4.1.2.5.10 | 192.168.12.0 Scope Options Configuration | |||||
| 1.4.1.3 | ZENPR.LOCAL IPv6 Scope Configuration | |||||
| 1.4.1.3.1 | IPv6 Service Statistics | |||||
| 1.4.2 | ACAD.ZENPR.LOCAL Domain DHCP Configuration | |||||
| 1.4.2.1 | DHCP Servers In Active Directory | |||||
| 1.4.2.1.1 | Service Database | |||||
| 1.4.2.1.2 | Dynamic DNS credentials | |||||
| 1.4.2.2 | IPv4 Scope Summary | |||||
| 1.4.2.2.1 | IPv4 Service Statistics | |||||
| 1.4.2.2.2 | ACADE-DC-01V IPv4 Scopes | |||||
| 1.4.2.2.2.1 | ACADE-DC-01V IPv4 Scope Statistics | |||||
| 1.4.2.2.2.2 | ACADE-DC-01V IPv4 Network Interface Binding | |||||
| 1.4.2.2.3 | ACADE-DC-01V IPv4 Scope Server Options | |||||
| 1.4.2.2.3.1 | Scope DNS Setting | |||||
| 1.4.2.2.3.2 | 172.23.5.0 Scope Options Configuration | |||||
| 1.4.2.3 | ACAD.ZENPR.LOCAL IPv6 Scope Configuration | |||||
| 1.4.2.3.1 | IPv6 Service Statistics | |||||
| 1.4.2.3.2 | ACADE-DC-01V IPv6 Scopes | |||||
| 1.4.2.3.2.1 | ACADE-DC-01V IPv6 Scope Statistics | |||||
| 1.4.2.3.2.2 | ACADE-DC-01V IPv6 Network Interface Binding | |||||
| 1.4.2.3.3 | ACADE-DC-01V IPv6 Scope Server Options | |||||
| 1.4.2.3.3.1 | Scope DNS Settings | |||||
| 1.4.2.3.3.2 | fd99:9971:: Scope Options | |||||
| 1.5 | ZENPR.LOCAL Certificate Authority Summary | |||||
| 1.5.1 | ZENPR.LOCAL Enterprise Root Certificate Authority |
| Forest Name | zenpr.local |
|---|---|
| Forest Name | pharmax.local |
| Forest Functional Level | Windows2016Forest |
| Schema Version | ObjectVersion 88, Correspond to Windows Server 2019 |
| Tombstone Lifetime (days) | 180 |
| Domains | acad.zenpr.local; zenpr.local |
| Global Catalogs | Server-DC-01V.zenpr.local; acade-dc-01v.acad.zenpr.local |
| Application Partitions | DC=DomainDnsZones,DC=acad,DC=zenpr,DC=local DC=ForestDnsZones,DC=zenpr,DC=local DC=DomainDnsZones,DC=zenpr,DC=local |
| PartitionsContainer | CN=Partitions,CN=Configuration,DC=zenpr,DC=local |
| Domains | acad.pharmax.local; pharmax.local |
| Global Catalogs | Server-DC-01V.pharmax.local; acade-dc-01v.acad.pharmax.local |
| Application Partitions | DC=DomainDnsZones,DC=acad,DC=pharmax,DC=local DC=ForestDnsZones,DC=pharmax,DC=local DC=DomainDnsZones,DC=pharmax,DC=local |
| PartitionsContainer | CN=Partitions,CN=Configuration,DC=pharmax,DC=local |
| SPN Suffixes | - |
| UPN Suffixes | - |
Table 1 - AD Forest Summary Information - ZENPR.LOCAL
1.1.1 Optional Features
The following section provides a summary of the enabled Optional Features.
| Name | Required Forest Mode | Forest |
|---|---|---|
| Recycle Bin Feature | Windows2008R2Forest | ZENPR.LOCAL |
| Privileged Access Management Feature | Windows2016Forest | ZENPR.LOCAL |
Table 2 - Active Directory Enabled Optional Features Information - ZENPR.LOCAL
1.1.2 Domain Sites
The following section provides a summary of the Active Directory Sites.
| Site Name | Description | Creation Date | Subnets |
|---|---|---|---|
| Zenpr-HQ | Site of San Juan, PR HQ | Mon, 11 Jun 2018 00:59:59 GMT | 10.9.1.0/24 192.168.0.0/16 |
| Cayey-Branch | Site of Cayey, PR Branch | Sat, 04 Sep 2021 00:35:15 GMT | 10.10.0.0/16 |
| ACAD | - | Sun, 05 Sep 2021 16:13:51 GMT | 172.23.0.0/16 |
Table 3 - Domain Site Information - ZENPR.LOCAL
1.1.3 Site Links
The following section provides a summary of the Active Directory Site Link information.
| Privileged Access Management Feature | Windows2016Forest | PHARMAX.LOCAL |
| Recycle Bin Feature | Windows2008R2Forest | PHARMAX.LOCAL |
Table 2 - Optional Features - PHARMAX.LOCAL
1.1.2 Domain Sites
| Site Name | Description | Subnets | Creation Date |
|---|---|---|---|
| ACAD | - | 172.23.0.0/16 | 9/5/2021 |
| Cayey-Branch | Site of Cayey, PR Branch | 10.10.0.0/16 | 9/3/2021 |
| Dead-Site | - | - | 1/22/2022 |
| Pharmax-HQ | Site of San Juan, PR HQ | 10.9.1.0/24 192.168.0.0/16 | 6/10/2018 |
Table 3 - Sites - PHARMAX.LOCAL
1.1.2.1 Site Subnets
| Subnet | Description | Sites | Creation Date |
|---|---|---|---|
| 10.10.0.0/16 | Cayey-Networks | Cayey-Branch | 9/12/2020 |
| 10.9.1.0/24 | - | Pharmax-HQ | 9/14/2021 |
| 172.23.0.0/16 | - | ACAD | 9/5/2021 |
| 192.168.0.0/16 | - | Pharmax-HQ | 9/12/2020 |
Table 4 - Site Subnets - PHARMAX.LOCAL
1.1.2.2 Site Links
| Site Link Name | Cost | Replication Frequency | Transport Protocol | Sites |
|---|---|---|---|---|
| Zenpr-to-All | 100 | 15 min | IP | ACAD Cayey-Branch Zenpr-HQ |
| ZENPR-to-ACAD | 100 | 15 min | IP | ACAD Zenpr-HQ |
| PHARMAX-to-ACAD | 100 | 15 min | IP | ACAD Pharmax-HQ |
| Pharmax-to-All | 100 | 15 min | IP | Dead-Site ACAD Cayey-Branch Pharmax-HQ |
Table 4 - Site Links Information - ZENPR.LOCAL
1.2 Active Directory Domain Information
An Active Directory domain is a collection of objects within a Microsoft Active Directory network. An object can be a single user or a group or it can be a hardware component, such as a computer or printer.Each domain holds a database containing object identity information. Active Directory domains can be identified using a DNS name, which can be the same as an organization's public domain name, a sub-domain or an alternate version (which may end in .local).
1.2.1 ZENPR.LOCAL Domain Configuration
The following section provides a summary of the Active Directory Domain Information.
| Domain Name | zenpr |
|---|---|
| NetBIOS Name | ZENPR |
| Domain Name | pharmax |
| NetBIOS Name | PHARMAX |
| Domain SID | S-1-5-21-2867495315-1194516362-180967319 |
| Domain Functional Level | Windows2016Domain |
| Domains | - |
| Forest | zenpr.local |
| Forest | pharmax.local |
| Parent Domain | - |
| Replica Directory Servers | Server-DC-01V.zenpr.local cayey-dc-01v.zenpr.local |
| Child Domains | acad.zenpr.local |
| Domain Path | zenpr.local/ |
| Computers Container | zenpr.local/Computers |
| Domain Controllers Container | zenpr.local/Domain Controllers |
| Systems Container | zenpr.local/System |
| Users Container | zenpr.local/Users |
| Replica Directory Servers | Server-DC-01V.pharmax.local cayey-dc-01v.pharmax.local |
| Child Domains | acad.pharmax.local |
| Domain Path | pharmax.local/ |
| Computers Container | pharmax.local/Computers |
| Domain Controllers Container | pharmax.local/Domain Controllers |
| Systems Container | pharmax.local/System |
| Users Container | pharmax.local/Users |
| ReadOnly Replica Directory Servers | - |
Table 5 - AD Domain Summary Information - ZENPR.LOCAL
1.2.1.1 Flexible Single Master Operations (FSMO)
The following section provides a summary of the Active Directory FSMO for Domain ZENPR.LOCAL.
| Infrastructure Master Server | Server-DC-01V.zenpr.local |
|---|---|
| RID Master Server | Server-DC-01V.zenpr.local |
| PDC Emulator Name | Server-DC-01V.zenpr.local |
| Domain Naming Master Server | Server-DC-01V.zenpr.local |
| Schema Master Server | Server-DC-01V.zenpr.local |
Table 6 - FSMO Server Information - zenpr.local
1.2.1.2 Domain and Trusts
The following section provides a summary of Active Directory Trust information on ZENPR.LOCAL.
| Infrastructure Master Server | Server-DC-01V.pharmax.local |
|---|---|
| RID Master Server | Server-DC-01V.pharmax.local |
| PDC Emulator Name | Server-DC-01V.pharmax.local |
| Domain Naming Master Server | Server-DC-01V.pharmax.local |
| Schema Master Server | Server-DC-01V.pharmax.local |
Table 7 - FSMO Server - pharmax.local
1.2.1.2 Domain and Trusts
The following section provides a summary of Active Directory Trust information on PHARMAX.LOCAL.
| Name | acad.zenpr.local |
|---|---|
| Path | zenpr.local/System/acad.zenpr.local |
| Source | zenpr |
| Target | acad.zenpr.local |
| Name | acad.pharmax.local |
| Path | pharmax.local/System/acad.pharmax.local |
| Source | pharmax |
| Target | acad.pharmax.local |
| Direction | BiDirectional |
| IntraForest | Yes |
| Selective Authentication | No |
| Trust Type | Uplevel |
| Uplevel Only | No |
Table 7 - Active Directory Trusts Information - ZENPR.LOCAL
1.2.1.3 Domain Object Count
The following section provides a summary of the Active Directory Object Count on ZENPR.LOCAL.
| Computers | 90 |
|---|---|
| Servers | 54 |
| Computers | 93 |
| Servers | 55 |
| Domain Controller | 2 |
| Global Catalog | 1 |
| Users | 22 |
| Users | 24 |
| Privileged Users | 4 |
| Groups | 65 |
Table 8 - Active Directory Object Count Information - ZENPR.LOCAL
1.2.1.4 Default Domain Password Policy
The following section provides a summary of the Default Domain Password Policy on ZENPR.LOCAL.
| Domain Name | zenpr.local |
|---|---|
| Domain Name | |
| Complexity Enabled | Yes |
| Path | zenpr.local/ |
| Path | pharmax.local/ |
| Lockout Duration | 00 days 00 hours 30 minutes 00 seconds |
| Lockout Threshold | 0 |
| Lockout Observation Window | 00 days 00 hours 30 minutes 00 seconds |
| Password History Count | 24 |
| Reversible Encryption Enabled | No |
Table 9 - Default Domain Password Policy Information - ZENPR.LOCAL
1.2.1.5 Fined Grained Password Policies
The following section provides a summary of the Fined Grained Password Policies on ZENPR.LOCAL.
| Password Setting Name | Administrators |
|---|---|
| Domain Name | zenpr.local |
| Domain Name | pharmax.local |
| Complexity Enabled | Yes |
| Path | zenpr.local/System/Password Settings Container/Administrators |
| Path | pharmax.local/System/Password Settings Container/Administrators |
| Lockout Duration | 00 days 00 hours 30 minutes 00 seconds |
| Lockout Threshold | 0 |
| Lockout Observation Window | 00 days 00 hours 30 minutes 00 seconds |
| Precedence | 1 |
| Applies To | horizon-ic, dbuser, jocolon |
Table 10 - Fined Grained Password Policies Information - ZENPR.LOCAL
1.2.1.6 Group Managed Service Accounts (GMSA)
The following section provides a summary of the Group Managed Service Accounts on ZENPR.LOCAL.
| Password Setting Name | Test |
|---|---|
| Domain Name | pharmax.local |
| Complexity Enabled | Yes |
| Path | pharmax.local/System/Password Settings Container/Test |
| Lockout Duration | 00 days 00 hours 30 minutes 00 seconds |
| Lockout Threshold | 0 |
| Lockout Observation Window | 00 days 00 hours 30 minutes 00 seconds |
| Max Password Age | 42 days 00 hours 00 minutes 00 seconds |
| Min Password Age | 01 days 00 hours 00 minutes 00 seconds |
| Min Password Length | 7 |
| Password History Count | 23 |
| Reversible Encryption Enabled | No |
| Precedence | 1 |
| Applies To | vmuserro |
Table 12 - Fined Grained Password Policies - Test
1.2.1.6 Group Managed Service Accounts (GMSA)
The following section provides a summary of the Group Managed Service Accounts on PHARMAX.LOCAL.
| Name | SQLServer |
|---|---|
| SamAccountName | SQLServer$ |
| Password Expired | No |
| Password Last Set | 09/27/2020 14:14:22 |
Table 13 - Group Managed Service Accounts - SQLServer
| Name | adfsgmsa |
|---|---|
| SamAccountName | adfsgmsa$ |
| Created | 10/07/2020 18:36:16 |
| Enabled | Yes |
| DNS Host Name | ADFS.zenpr.local |
| DNS Host Name | ADFS.pharmax.local |
| Host Computers | |
| Retrieve Managed Password | SERVER-ADFS-01V, SERVER-ADFS-02V |
| Primary Group | Domain Computers |
| Password Expired | No |
| Password Last Set | 10/07/2020 18:36:16 |
1.2.1.7 Domain Controller Summary
A domain controller (DC) is a server computer that responds to security authentication requests within a computer network domain. It is a network server that is responsible for allowing host access to domain resources. It authenticates users, stores user account information and enforces security policy for a domain.
| DC Name | Domain Name | Site | Global Catalog | Read Only | IP Address |
|---|---|---|---|---|---|
| SERVER-DC-01V | zenpr.local | Zenpr-HQ | Yes | No | 192.168.5.1 |
| CAYEY-DC-01V | zenpr.local | Cayey-Branch | No | No | 10.10.33.1 |
| CAYEY-DC-01V | pharmax.local | Cayey-Branch | No | No | 10.10.33.1 |
| SERVER-DC-01V | pharmax.local | Pharmax-HQ | Yes | No | 192.168.5.1 |
Table 11 - AD Domain Controller Summary Information - ZENPR.LOCAL
1.2.1.7.1 Hardware Inventory
The following section provides a summary of the Domain Controller Hardware for ZENPR.LOCAL.
| Name | Server-DC-01V |
|---|---|
| Windows Product Name | Windows Server 2019 Standard Evaluation |
| Windows Current Version | 6.3 |
| Windows Build Number | 10.0.17763 |
| Windows Install Type | Server |
| AD Domain | zenpr.local |
| AD Domain | pharmax.local |
| Windows Installation Date | 09/08/2020 21:20:17 |
| Time Zone | (UTC-04:00) Georgetown, La Paz, Manaus, San Juan |
| License Type | Retail:TB:Eval |
| BIOS Version | |
| Processor Manufacturer | GenuineIntel |
| Processor Model | Intel(R) Core(TM) i7-6700 CPU @ 3.40GHz |
| Number of Processors | 1 |
| Number of Processors | |
| Number of CPU Cores | 2 |
| Number of Logical Cores | 2 |
| Physical Memory (GB) | 4.00 GB |
Table 16 - Domain Controller Hardware - SERVER-DC-01V
| Name | cayey-dc-01v |
|---|---|
| Windows Current Version | 6.3 |
| Windows Build Number | 10.0.17763 |
| Windows Install Type | Server |
| AD Domain | zenpr.local |
| AD Domain | pharmax.local |
| Windows Installation Date | 09/03/2021 20:36:55 |
| Time Zone | (UTC-04:00) Georgetown, La Paz, Manaus, San Juan |
| License Type | Retail:TB:Eval |
| BIOS Version | |
| Processor Manufacturer | GenuineIntel |
| Processor Model | Intel(R) Core(TM) i7-6700 CPU @ 3.40GHz |
| Number of Processors | 1 |
| Number of Processors | |
| Number of CPU Cores | 2 |
| Number of Logical Cores | 2 |
| Physical Memory (GB) | 4.00 GB |
1.2.1.7.2 NTDS Information
The following section provides a summary of the Domain Controller NTDS file size on ZENPR.LOCAL.
| DC Name | Database File | Database Size | Log Path | SysVol Path |
|---|---|---|---|---|
| CAYEY-DC-01V | C:\Windows\NTDS\ntds.dit | 36.00 MB | C:\Windows\NTDS | C:\Windows\SYSVOL\sysvol |
| SERVER-DC-01V | C:\Windows\NTDS\ntds.dit | 54.00 MB | C:\Windows\NTDS | C:\Windows\SYSVOL\sysvol |
| CAYEY-DC-01V | C:\Windows\NTDS\ntds.dit | 38.00 MB | C:\Windows\NTDS | C:\Windows\SYSVOL\sysvol |
Table 12 - Domain Controller NTDS Database File Usage Information - ZENPR.LOCAL
1.2.1.7.3 Time Source Information
The following section provides a summary of the Domain Controller Time Source configuration on ZENPR.LOCAL.
| Name | Time Server | Type |
|---|---|---|
| SERVER-DC-01V | 0.pool.ntp.org 1.pool.ntp.org 2.pool.ntp.org 3.pool.ntp.org | MANUAL (NTP) |
| CAYEY-DC-01V | Domain Hierarchy | DOMHIER |
| SERVER-DC-01V | 0.pool.ntp.org 1.pool.ntp.org 2.pool.ntp.org 3.pool.ntp.org | MANUAL (NTP) |
Table 13 - Domain Controller Time Source Configuration - ZENPR.LOCAL
1.2.1.7.4 DC Diagnostic
The following section provides a summary of the Active Directory DC Diagnostic.
| Name | Publisher | Install Date |
|---|---|---|
| Veeam Backup VSS Integration | Veeam Software Group GmbH | 20220115 |
Table 20 - Installed Software - SERVER-DC-01V
1.2.1.7.4.2 CAYEY-DC-01V additional software
The following section provides a summary of additional software running on CAYEY-DC-01V.
| Name | Publisher | Install Date |
|---|---|---|
| 7-Zip 21.07 (x64 edition) | Igor Pavlov | 20220122 |
Table 21 - Installed Software - CAYEY-DC-01V
1.2.1.7.5 DC Diagnostic
The following section provides a summary of the Active Directory DC Diagnostic.
| DC Name | Test Name | Result |
|---|---|---|
| Server-DC-01V.zenpr.local | Connectivity | passed |
| Server-DC-01V.zenpr.local | Advertising | passed |
| Server-DC-01V.zenpr.local | FrsEvent | passed |
| Server-DC-01V.zenpr.local | DFSREvent | failed |
| Server-DC-01V.zenpr.local | SysVolCheck | passed |
| Server-DC-01V.zenpr.local | KccEvent | passed |
| Server-DC-01V.zenpr.local | KnowsOfRoleHolders | passed |
| Server-DC-01V.zenpr.local | MachineAccount | passed |
| Server-DC-01V.zenpr.local | NCSecDesc | passed |
| Server-DC-01V.zenpr.local | NetLogons | passed |
| Server-DC-01V.zenpr.local | ObjectsReplicated | passed |
| Server-DC-01V.zenpr.local | Replications | passed |
| Server-DC-01V.zenpr.local | RidManager | passed |
| Server-DC-01V.zenpr.local | Services | passed |
| Server-DC-01V.zenpr.local | SystemLog | passed |
| Server-DC-01V.zenpr.local | VerifyReferences | passed |
| Server-DC-01V.zenpr.local | CheckSDRefDom | passed |
| Server-DC-01V.zenpr.local | CheckSDRefDom | passed |
| Server-DC-01V.zenpr.local | CheckSDRefDom | passed |
| Server-DC-01V.zenpr.local | CrossRefValidation | passed |
| Server-DC-01V.zenpr.local | CheckSDRefDom | passed |
| Server-DC-01V.zenpr.local | CrossRefValidation | passed |
| Server-DC-01V.zenpr.local | CheckSDRefDom | passed |
| Server-DC-01V.zenpr.local | CrossRefValidation | passed |
| Server-DC-01V.zenpr.local | LocatorCheck | passed |
| Server-DC-01V.zenpr.local | Intersite | passed |
Table 14 - AD Domain Controller DCDiag Information - ZENPR.LOCAL
Table 22 - Domain Controller DCDiag - SERVER-DC-01V
| DC Name | Test Name | Result |
|---|---|---|
| cayey-dc-01v.zenpr.local | Connectivity | passed |
| cayey-dc-01v.zenpr.local | Advertising | passed |
| cayey-dc-01v.zenpr.local | FrsEvent | passed |
| cayey-dc-01v.zenpr.local | DFSREvent | passed |
| cayey-dc-01v.zenpr.local | SysVolCheck | passed |
| cayey-dc-01v.zenpr.local | KccEvent | passed |
| cayey-dc-01v.zenpr.local | KnowsOfRoleHolders | passed |
| cayey-dc-01v.zenpr.local | MachineAccount | passed |
| cayey-dc-01v.zenpr.local | NCSecDesc | passed |
| cayey-dc-01v.zenpr.local | NetLogons | passed |
| cayey-dc-01v.zenpr.local | ObjectsReplicated | passed |
| cayey-dc-01v.zenpr.local | Replications | passed |
| cayey-dc-01v.zenpr.local | RidManager | passed |
| cayey-dc-01v.zenpr.local | Services | passed |
| cayey-dc-01v.zenpr.local | SystemLog | passed |
| cayey-dc-01v.zenpr.local | VerifyReferences | passed |
| cayey-dc-01v.zenpr.local | CheckSDRefDom | passed |
| cayey-dc-01v.zenpr.local | CheckSDRefDom | passed |
| cayey-dc-01v.zenpr.local | CheckSDRefDom | passed |
| cayey-dc-01v.zenpr.local | CrossRefValidation | passed |
| cayey-dc-01v.zenpr.local | CheckSDRefDom | passed |
| cayey-dc-01v.zenpr.local | CrossRefValidation | passed |
| cayey-dc-01v.zenpr.local | CheckSDRefDom | passed |
| cayey-dc-01v.zenpr.local | CrossRefValidation | passed |
| cayey-dc-01v.zenpr.local | LocatorCheck | passed |
| cayey-dc-01v.zenpr.local | Intersite | passed |
Table 15 - AD Domain Controller DCDiag Information - ZENPR.LOCAL
1.2.1.7.5 SERVER-DC-01V Infrastructure Services Status
The following section provides a summary of the Domain Controller Infrastructure services status.
| cayey-dc-01v.pharmax.local | Advertising | passed |
| cayey-dc-01v.pharmax.local | CheckSDRefDom | passed |
| cayey-dc-01v.pharmax.local | CheckSDRefDom | passed |
| cayey-dc-01v.pharmax.local | CheckSDRefDom | passed |
| cayey-dc-01v.pharmax.local | CheckSDRefDom | passed |
| cayey-dc-01v.pharmax.local | CheckSDRefDom | passed |
| cayey-dc-01v.pharmax.local | Connectivity | passed |
| cayey-dc-01v.pharmax.local | CrossRefValidation | passed |
| cayey-dc-01v.pharmax.local | CrossRefValidation | passed |
| cayey-dc-01v.pharmax.local | CrossRefValidation | passed |
| cayey-dc-01v.pharmax.local | DFSREvent | passed |
| cayey-dc-01v.pharmax.local | FrsEvent | passed |
| cayey-dc-01v.pharmax.local | Intersite | passed |
| cayey-dc-01v.pharmax.local | KccEvent | passed |
| cayey-dc-01v.pharmax.local | KnowsOfRoleHolders | passed |
| cayey-dc-01v.pharmax.local | LocatorCheck | passed |
| cayey-dc-01v.pharmax.local | MachineAccount | passed |
| cayey-dc-01v.pharmax.local | NCSecDesc | passed |
| cayey-dc-01v.pharmax.local | NetLogons | passed |
| cayey-dc-01v.pharmax.local | ObjectsReplicated | passed |
| cayey-dc-01v.pharmax.local | Replications | passed |
| cayey-dc-01v.pharmax.local | RidManager | passed |
| cayey-dc-01v.pharmax.local | Services | passed |
| cayey-dc-01v.pharmax.local | SystemLog | failed |
| cayey-dc-01v.pharmax.local | SysVolCheck | passed |
| cayey-dc-01v.pharmax.local | VerifyReferences | passed |
Table 23 - Domain Controller DCDiag - CAYEY-DC-01V
1.2.1.7.6 SERVER-DC-01V Infrastructure Services Status
The following section provides a summary of the Domain Controller Infrastructure services status.
| Display Name | Short Name | Status |
|---|---|---|
| DNS Server | DNS | Running |
| Active Directory Domain Services | NTDS | Running |
| Active Directory Web Services | ADWS | Running |
| DFS Replication | DFSR | Running |
| DNS Server | DNS | Running |
| Intersite Messaging | IsmServ | Running |
| Kerberos Key Distribution Center | Kdc | Running |
| NetLogon | Netlogon | Running |
| Active Directory Domain Services | NTDS | Running |
| Windows Time | W32Time | Running |
| Active Directory Web Services | ADWS | Running |
Table 16 - Domain Controller Infrastructure Services Status Information.
1.2.1.7.6 CAYEY-DC-01V Infrastructure Services Status
The following section provides a summary of the Domain Controller Infrastructure services status.
| Display Name | Short Name | Status |
|---|---|---|
| DNS Server | DNS | Running |
| Active Directory Domain Services | NTDS | Running |
| Active Directory Web Services | ADWS | Running |
| DFS Replication | DFSR | Running |
| DNS Server | DNS | Running |
| Intersite Messaging | IsmServ | Running |
| Kerberos Key Distribution Center | Kdc | Running |
| NetLogon | Netlogon | Running |
| Active Directory Domain Services | NTDS | Running |
| Windows Time | W32Time | Running |
| Active Directory Web Services | ADWS | Running |
Table 17 - Domain Controller Infrastructure Services Status Information.
1.2.1.7.7 Sites Replication
The following section provides a summary of the Active Directory Site Replication information.
| DC Name | SERVER-DC-01V |
|---|---|
| GUID | 9dd36d8c-c157-4886-b411-c316fdf19c86 |
| Description | - |
| Replicate From Directory Server | CAYEY-DC-01V |
| Replicate To Directory Server | SERVER-DC-01V |
| Replicated Naming Contexts | DC=DomainDnsZones,DC=pharmax,DC=local DC=ForestDnsZones,DC=pharmax,DC=local CN=Schema,CN=Configuration,DC=pharmax,DC=local CN=Configuration,DC=pharmax,DC=local DC=pharmax,DC=local |
| Transport Protocol | IP |
| AutoGenerated | Yes |
| Enabled | Yes |
| Created | Tue, 07 Dec 2021 15:52:27 GMT |
Table 26 - Site Replication - SERVER-DC-01V
| DC Name | SERVER-DC-01V |
|---|---|
| GUID | d5a28ae4-ee92-47a4-872e-e4115bc8d1a5 |
| Description | - |
| Replicate From Directory Server | ACADE-DC-01V |
| Replicate To Directory Server | SERVER-DC-01V |
| Replicated Naming Contexts | DC=DomainDnsZones,DC=zenpr,DC=local DC=ForestDnsZones,DC=zenpr,DC=local CN=Schema,CN=Configuration,DC=zenpr,DC=local CN=Configuration,DC=zenpr,DC=local DC=zenpr,DC=local |
| Replicated Naming Contexts | DC=DomainDnsZones,DC=pharmax,DC=local DC=ForestDnsZones,DC=pharmax,DC=local CN=Schema,CN=Configuration,DC=pharmax,DC=local CN=Configuration,DC=pharmax,DC=local DC=pharmax,DC=local |
| Transport Protocol | IP |
| AutoGenerated | Yes |
| Enabled | Yes |
| Created | Sun, 05 Sep 2021 16:24:39 GMT |
Table 27 - Site Replication - SERVER-DC-01V
| DC Name | CAYEY-DC-01V |
|---|---|
| GUID | 9b7cbbe0-7c6f-4add-af4a-7b581a7bf5ca |
| GUID | 25644f18-da4e-4c5a-887e-1b17b61e9d53 |
| Description | - |
| Replicate From Directory Server | SERVER-DC-01V |
| Replicate To Directory Server | CAYEY-DC-01V |
| Replicated Naming Contexts | DC=DomainDnsZones,DC=zenpr,DC=local DC=ForestDnsZones,DC=zenpr,DC=local CN=Schema,CN=Configuration,DC=zenpr,DC=local CN=Configuration,DC=zenpr,DC=local DC=zenpr,DC=local |
| Replicated Naming Contexts | DC=DomainDnsZones,DC=pharmax,DC=local DC=ForestDnsZones,DC=pharmax,DC=local CN=Schema,CN=Configuration,DC=pharmax,DC=local CN=Configuration,DC=pharmax,DC=local DC=pharmax,DC=local |
| Transport Protocol | IP |
| AutoGenerated | Yes |
| Enabled | Yes |
| Created | Sat, 04 Sep 2021 01:35:40 GMT |
| Created | Tue, 07 Dec 2021 15:55:03 GMT |
1.2.1.7.8 Sites Replication Failure
The following section provides a summary of the Active Directory Site Replication Failure information.
| Server Name | Server-DC-01V |
|---|---|
| Partner | ACADE-DC-01V |
| Last Error | 1256 |
| Failure Type | Link |
| Failure Count | 0 |
| First Failure Time | Fri, 29 Oct 2021 03:45:08 GMT |
| First Failure Time | Mon, 24 Jan 2022 04:01:06 GMT |
Table 29 - Site Replication Failure - SERVER-DC-01V
| Server Name | Server-DC-01V |
|---|---|
| Partner | CAYEY-DC-01V |
| Last Error | 1256 |
| Last Error | 8524 |
| Failure Type | Link |
| Failure Count | 0 |
| First Failure Time | Fri, 29 Oct 2021 03:45:08 GMT |
| First Failure Time | Mon, 24 Jan 2022 03:46:06 GMT |
1.2.1.7.9 Group Policy Objects Summary
The following section provides a summary of the Group Policy Objects for domain ZENPR.LOCAL.
| GPO Name | GPO Status | Created | Modified |
|---|---|---|---|
| Assign-Applications | All Settings Enabled | 03/10/2021 | 03/10/2021 |
| Certificate AutoEnrollment | User Settings Disabled | 01/25/2020 | 06/30/2021 |
| Default Domain Policy | All Settings Enabled | 06/10/2018 | 09/15/2020 |
| VEEAM_Disable_Firewall | All Settings Enabled | 12/13/2019 | 09/08/2020 |
| Dead Policy | All Settings Disabled | 10/05/2021 | 01/22/2022 |
| Default Domain Controllers Policy | All Settings Enabled | 06/10/2018 | 11/01/2020 |
| Default Domain Policy | All Settings Enabled | 06/10/2018 | 12/19/2021 |
| Horizon-DEM | All Settings Enabled | 03/01/2020 | 09/08/2020 |
| LAPS Configuration | All Settings Enabled | 11/01/2020 | 11/01/2020 |
| Linux-Settings-GPO | All Settings Disabled | 05/22/2021 | 01/22/2022 |
| ProfileUnity | All Settings Enabled | 06/08/2020 | 10/05/2021 |
| SCCM - Restricted Group and General Settings | All Settings Enabled | 09/12/2020 | 09/12/2020 |
| SCEP Configuration | All Settings Enabled | 09/14/2020 | 10/04/2020 |
| VEEAM_Disable_Firewall | All Settings Enabled | 12/13/2019 | 09/08/2020 |
| VEEAM_Local_Administrators | All Settings Enabled | 12/13/2019 | 09/08/2020 |
| WSUS - Domain Policy | User Settings Disabled | 02/23/2020 | 03/10/2021 |
| SCEP Configuration | All Settings Enabled | 09/14/2020 | 10/04/2020 |
| Dead Policy | All Settings Disabled | 10/05/2021 | 10/05/2021 |
| Horizon-DEM | All Settings Enabled | 03/01/2020 | 09/08/2020 |
| Linux-Settings-GPO | Computer Settings Disabled | 05/22/2021 | 10/05/2021 |
| SCCM - Restricted Group and General Settings | All Settings Enabled | 09/12/2020 | 09/12/2020 |
| LAPS Configuration | All Settings Enabled | 11/01/2020 | 11/01/2020 |
Table 18 - GPO Information - ZENPR.LOCAL
1.2.1.7.9.1 GPO with User Logon/Logoff Script
The following section provides a summary of Group Policy Objects with Logon/Logoff Script.
| Domain | Configured | Central Store Path |
|---|---|---|
| PHARMAX.LOCAL | Yes | \\pharmax.local\SYSVOL\pharmax.local\Policies\PolicyDefinitions |
Table 32 - GPO Central Store - PHARMAX.LOCAL
1.2.1.7.10.2 GPO with User Logon/Logoff Script
The following section provides a summary of Group Policy Objects with Logon/Logoff Script.
| GPO Name | GPO Status | Type | Script |
|---|---|---|---|
| ProfileUnity | All Settings Enabled | Logoff | %systemdrive%\Program Files\ProfileUnity\Client.NET\LwL.ProfileUnity.Client.Logoff.exe |
| Dead Policy | All Settings Disabled | Logoff | %systemdrive%\Program Files\ProfileUnity\Client.NET\LwL.ProfileUnity.Client.Logoff.exe |
| Horizon-DEM | All Settings Enabled | Logoff | C:\Program Files\Immidio\Flex Profiles\FlexEngine.exe |
| ProfileUnity | All Settings Enabled | Logoff | %systemdrive%\Program Files\ProfileUnity\Client.NET\LwL.ProfileUnity.Client.Logoff.exe |
Table 19 - GPO with Logon/Logoff Script Information - ZENPR.LOCAL
1.2.1.7.9.2 GPO with Computer Startup/Shutdown Script
The following section provides a summary of Group Policy Objects with Startup/Shutdown Script.
| GPO Name | GPO Status | Type | Script |
|---|---|---|---|
| ProfileUnity | All Settings Enabled | Startup | \\zenpr.local\netlogon\profileunity\LwL.ProfileUnity.Client.Startup.exe |
| Dead Policy | All Settings Disabled | Startup | \\zenpr.local\netlogon\profileunity\LwL.ProfileUnity.Client.Startup.exe |
| Dead Policy | All Settings Disabled | Startup | \\pharmax.local\netlogon\profileunity\LwL.ProfileUnity.Client.Startup.exe |
| ProfileUnity | All Settings Enabled | Startup | \\pharmax.local\netlogon\profileunity\LwL.ProfileUnity.Client.Startup.exe |
Table 20 - GPO with Startup/Shutdown Script Information - ZENPR.LOCAL
1.2.1.7.9.3 Health Check - Unlinked GPO
The following section provides a summary of the Unlinked Group Policy Objects. Corrective Action: Remove Unused GPO.
| GPO Name | Created | Modified | Computer Enabled | User Enabled |
|---|---|---|---|---|
| Dead Policy | 2021-10-05 | 2021-10-05 | No | No |
| Dead Policy | 2021-10-05 | 2022-01-22 | No | No |
Table 21 - Unlinked GPO Information - ZENPR.LOCAL
1.2.1.7.9.4 Health Check - Empty GPOs
The following section provides a summary of the Empty Group Policy Objects. Corrective Action: No User and Computer parameters are set : Remove Unused GPO.
| GPO Name | Created | Modified | Description |
|---|---|---|---|
| Linux-Settings-GPO | 2021-05-23 | 2021-10-05 | - |
| Linux-Settings-GPO | 2021-05-23 | 2022-01-22 | - |
Table 22 - Empty GPO Information - ZENPR.LOCAL
1.2.1.7.9.5 Health Check - Enforced GPO
The following section provides a summary of the Enforced Group Policy Objects.
| GPO Name | Enforced | Order | Target |
|---|---|---|---|
| Linux-Settings-GPO | Yes | 1 | zenpr.local/LinuxMachines |
| Linux-Settings-GPO | Yes | 1 | pharmax.local/LinuxMachines |
Table 23 - Enforced GPO Information - ZENPR.LOCAL
1.2.1.7.10 Organizational Units
The following section provides a summary of Active Directory Organizational Unit information.
| Name | Path | Linked GPO |
|---|---|---|
| Domain Controllers | zenpr.local/Domain Controllers | Default Domain Controllers Policy |
| Member Servers | zenpr.local/Member Servers | - |
| EMC NAS servers | zenpr.local/EMC NAS servers | - |
| Computers | zenpr.local/EMC NAS servers/Computers | - |
| VEEAM Servers | zenpr.local/VEEAM Servers | VEEAM_Disable_Firewall, VEEAM_Local_Administrators |
| VEEAM WorkStations | zenpr.local/VEEAM WorkStations | VEEAM_Local_Administrators, VEEAM_Disable_Firewall |
| VDI-Computers | zenpr.local/VDI-Computers | Horizon-DEM |
| Admins PC | zenpr.local/Admins PC | - |
| Fortinet EMS | zenpr.local/Fortinet EMS | - |
| ProfileUnity VDI | zenpr.local/ProfileUnity VDI | VEEAM_Local_Administrators, VEEAM_Disable_Firewall |
| Servers | zenpr.local/ProfileUnity VDI/Servers | - |
| Computers | zenpr.local/ProfileUnity VDI/Computers | ProfileUnity |
| Configuration Manager | zenpr.local/Configuration Manager | SCEP Configuration, SCCM - Restricted Group and General Settings |
| Marketing | zenpr.local/VDI-Computers/Marketing | - |
| Sales | zenpr.local/VDI-Computers/Sales | - |
| HR | zenpr.local/VDI-Computers/HR | - |
| Finances | zenpr.local/VDI-Computers/Finances | - |
| Configuration Manager Computers | zenpr.local/Configuration Manager Computers | LAPS Configuration, SCEP Configuration |
| - | zenpr.local/- | - |
| LinuxMachines | zenpr.local/LinuxMachines | Linux-Settings-GPO |
Table 24 - Active Directory Organizational Unit Information - ZENPR.LOCAL
1.2.1.7.10.1 Health Check - OU with GPO Blocked Inheritance
The following section provides a summary of the Blocked Inheritance Group Policy Objects.
| Admins PC | pharmax.local/Admins PC | - |
| Computers | pharmax.local/EMC NAS servers/Computers | - |
| Computers | pharmax.local/ProfileUnity VDI/Computers | ProfileUnity |
| Configuration Manager | pharmax.local/Configuration Manager | SCEP Configuration, SCCM - Restricted Group and General Settings |
| Configuration Manager Computers | pharmax.local/Configuration Manager Computers | LAPS Configuration, SCEP Configuration |
| Domain Controllers | pharmax.local/Domain Controllers | Default Domain Controllers Policy |
| EMC NAS servers | pharmax.local/EMC NAS servers | - |
| Finances | pharmax.local/VDI-Computers/Finances | - |
| Fortinet EMS | pharmax.local/Fortinet EMS | - |
| HR | pharmax.local/VDI-Computers/HR | - |
| LinuxMachines | pharmax.local/LinuxMachines | Linux-Settings-GPO |
| Marketing | pharmax.local/VDI-Computers/Marketing | - |
| Member Servers | pharmax.local/Member Servers | - |
| ProfileUnity VDI | pharmax.local/ProfileUnity VDI | VEEAM_Local_Administrators, VEEAM_Disable_Firewall |
| Sales | pharmax.local/VDI-Computers/Sales | - |
| Servers | pharmax.local/ProfileUnity VDI/Servers | - |
| VDI-Computers | pharmax.local/VDI-Computers | Horizon-DEM |
| VEEAM Servers | pharmax.local/VEEAM Servers | VEEAM_Disable_Firewall, VEEAM_Local_Administrators |
| VEEAM WorkStations | pharmax.local/VEEAM WorkStations | VEEAM_Local_Administrators, VEEAM_Disable_Firewall |
Table 38 - Organizational Unit - PHARMAX.LOCAL
1.2.1.7.11.1 Health Check - OU with GPO Blocked Inheritance
The following section provides a summary of the Blocked Inheritance Group Policy Objects.
| OU Name | Container Type | Inheritance Blocked | Path |
|---|---|---|---|
| linuxmachines | OU | Yes | zenpr.local/LinuxMachines |
| fortinet ems | OU | Yes | pharmax.local/Fortinet EMS |
| linuxmachines | OU | Yes | pharmax.local/LinuxMachines |
Table 25 - Blocked Inheritance GPO Information - ZENPR.LOCAL
1.2.2 ACAD.ZENPR.LOCAL Domain Configuration
The following section provides a summary of the Active Directory Domain Information.
| Domain Name | acad |
|---|---|
| NetBIOS Name | ACAD |
| Domain SID | S-1-5-21-370360276-377477351-3184454278 |
| Domain Functional Level | Windows2016Domain |
| Domains | - |
| Forest | zenpr.local |
| Parent Domain | zenpr.local |
| Replica Directory Servers | acade-dc-01v.acad.zenpr.local |
| Forest | pharmax.local |
| Parent Domain | pharmax.local |
| Replica Directory Servers | acade-dc-01v.acad.pharmax.local |
| Child Domains | - |
| Domain Path | acad.zenpr.local/ |
| Computers Container | acad.zenpr.local/Computers |
| Domain Controllers Container | acad.zenpr.local/Domain Controllers |
| Systems Container | acad.zenpr.local/System |
| Users Container | acad.zenpr.local/Users |
| Domain Path | acad.pharmax.local/ |
| Computers Container | acad.pharmax.local/Computers |
| Domain Controllers Container | acad.pharmax.local/Domain Controllers |
| Systems Container | acad.pharmax.local/System |
| Users Container | acad.pharmax.local/Users |
| ReadOnly Replica Directory Servers | - |
Table 26 - AD Domain Summary Information - ACAD.ZENPR.LOCAL
1.2.2.1 Flexible Single Master Operations (FSMO)
The following section provides a summary of the Active Directory FSMO for Domain ACAD.ZENPR.LOCAL.
| Infrastructure Master Server | acade-dc-01v.acad.zenpr.local |
|---|---|
| RID Master Server | acade-dc-01v.acad.zenpr.local |
| PDC Emulator Name | acade-dc-01v.acad.zenpr.local |
| Domain Naming Master Server | Server-DC-01V.zenpr.local |
| Schema Master Server | Server-DC-01V.zenpr.local |
Table 27 - FSMO Server Information - acad.zenpr.local
1.2.2.2 Domain and Trusts
The following section provides a summary of Active Directory Trust information on ACAD.ZENPR.LOCAL.
| Infrastructure Master Server | acade-dc-01v.acad.pharmax.local |
|---|---|
| RID Master Server | acade-dc-01v.acad.pharmax.local |
| PDC Emulator Name | acade-dc-01v.acad.pharmax.local |
| Domain Naming Master Server | Server-DC-01V.pharmax.local |
| Schema Master Server | Server-DC-01V.pharmax.local |
Table 41 - FSMO Server - acad.pharmax.local
1.2.2.2 Domain and Trusts
The following section provides a summary of Active Directory Trust information on ACAD.PHARMAX.LOCAL.
| Name | zenpr.local |
|---|---|
| Path | acad.zenpr.local/System/zenpr.local |
| Name | pharmax.local |
| Path | acad.pharmax.local/System/pharmax.local |
| Source | acad |
| Target | zenpr.local |
| Target | pharmax.local |
| Direction | BiDirectional |
| IntraForest | Yes |
| Selective Authentication | No |
| Trust Type | Uplevel |
| Uplevel Only | No |
Table 28 - Active Directory Trusts Information - ACAD.ZENPR.LOCAL
1.2.2.3 Domain Object Count
The following section provides a summary of the Active Directory Object Count on ACAD.ZENPR.LOCAL.
| Computers | 2 |
|---|---|
| Servers | 2 |
| Privileged Users | 2 |
| Groups | 46 |
Table 29 - Active Directory Object Count Information - ACAD.ZENPR.LOCAL
1.2.2.4 Default Domain Password Policy
The following section provides a summary of the Default Domain Password Policy on ACAD.ZENPR.LOCAL.
| Domain Name | acad.zenpr.local |
|---|---|
| Domain Name | |
| Complexity Enabled | Yes |
| Path | acad.zenpr.local/ |
| Path | acad.pharmax.local/ |
| Lockout Duration | 00 days 00 hours 30 minutes 00 seconds |
| Lockout Threshold | 0 |
| Lockout Observation Window | 00 days 00 hours 30 minutes 00 seconds |
| Password History Count | 24 |
| Reversible Encryption Enabled | No |
Table 30 - Default Domain Password Policy Information - ACAD.ZENPR.LOCAL
1.2.2.5 Fined Grained Password Policies
The following section provides a summary of the Fined Grained Password Policies on ACAD.ZENPR.LOCAL.
| Password Setting Name | ACADTest |
|---|---|
| Domain Name | acad.zenpr.local |
| Domain Name | acad.pharmax.local |
| Complexity Enabled | Yes |
| Path | acad.zenpr.local/System/Password Settings Container/ACADTest |
| Path | acad.pharmax.local/System/Password Settings Container/ACADTest |
| Lockout Duration | 00 days 00 hours 30 minutes 00 seconds |
| Lockout Threshold | 5 |
| Lockout Observation Window | 00 days 00 hours 30 minutes 00 seconds |
| Precedence | 1 |
| Applies To | SCCM-GMSA |
Table 31 - Fined Grained Password Policies Information - ACAD.ZENPR.LOCAL
1.2.2.6 Group Managed Service Accounts (GMSA)
The following section provides a summary of the Group Managed Service Accounts on ACAD.ZENPR.LOCAL.
| Name | SCCMMSA |
|---|---|
| SamAccountName | SCCMMSA$ |
| Created | 09/11/2021 21:01:33 |
| Enabled | Yes |
| DNS Host Name | acad.zenpr.local |
| DNS Host Name | acad.pharmax.local |
| Host Computers | |
| Retrieve Managed Password | SCCM-GMSA |
| Primary Group | Domain Computers |
| Password Expired | No |
| Password Last Set | 09/11/2021 21:01:33 |
Table 32 - Group Managed Service Accounts Information - ACAD.ZENPR.LOCAL
1.2.2.7 Domain Controller Summary
A domain controller (DC) is a server computer that responds to security authentication requests within a computer network domain. It is a network server that is responsible for allowing host access to domain resources. It authenticates users, stores user account information and enforces security policy for a domain.
| DC Name | Domain Name | Site | Global Catalog | Read Only | IP Address |
|---|---|---|---|---|---|
| ACADE-DC-01V | acad.zenpr.local | ACAD | Yes | No | 172.23.4.1 |
| ACADE-DC-01V | acad.pharmax.local | ACAD | Yes | No | 172.23.4.1 |
Table 33 - AD Domain Controller Summary Information - ACAD.ZENPR.LOCAL
1.2.2.7.1 Hardware Inventory
The following section provides a summary of the Domain Controller Hardware for ACAD.ZENPR.LOCAL.
| Name | acade-dc-01v |
|---|---|
| Windows Product Name | Windows Server 2019 Standard Evaluation |
| Windows Current Version | 6.3 |
| Windows Build Number | 10.0.17763 |
| Windows Install Type | Server |
| AD Domain | acad.zenpr.local |
| AD Domain | acad.pharmax.local |
| Windows Installation Date | 09/05/2021 10:35:50 |
| Time Zone | (UTC-04:00) Georgetown, La Paz, Manaus, San Juan |
| License Type | Retail:TB:Eval |
| BIOS Version | |
| Processor Manufacturer | GenuineIntel |
| Processor Model | Intel(R) Core(TM) i7-6700 CPU @ 3.40GHz |
| Number of Processors | 1 |
| Number of Processors | |
| Number of CPU Cores | 2 |
| Number of Logical Cores | 2 |
| Physical Memory (GB) | 4.00 GB |
Table 34 - AD Domain Controller Hardware Information - ACAD.ZENPR.LOCAL
1.2.2.7.2 NTDS Information
The following section provides a summary of the Domain Controller NTDS file size on ACAD.ZENPR.LOCAL.
| DC Name | Database File | Database Size | Log Path | SysVol Path |
|---|---|---|---|---|
| ACADE-DC-01V | C:\Windows\NTDS\ntds.dit | 36.00 MB | C:\Windows\NTDS | C:\Windows\SYSVOL\sysvol |
Table 35 - Domain Controller NTDS Database File Usage Information - ACAD.ZENPR.LOCAL
1.2.2.7.3 Time Source Information
The following section provides a summary of the Domain Controller Time Source configuration on ACAD.ZENPR.LOCAL.
| Name | Time Server | Type |
|---|---|---|
| ACADE-DC-01V | Domain Hierarchy | DOMHIER |
Table 36 - Domain Controller Time Source Configuration - ACAD.ZENPR.LOCAL
1.2.2.7.4 DC Diagnostic
The following section provides a summary of the Active Directory DC Diagnostic.
| DC Name | Test Name | Result |
|---|---|---|
| acade-dc-01v.acad.zenpr.local | Connectivity | passed |
| acade-dc-01v.acad.zenpr.local | Advertising | failed |
| acade-dc-01v.acad.zenpr.local | FrsEvent | passed |
| acade-dc-01v.acad.zenpr.local | DFSREvent | failed |
| acade-dc-01v.acad.zenpr.local | SysVolCheck | failed |
| acade-dc-01v.acad.zenpr.local | KccEvent | passed |
| acade-dc-01v.acad.zenpr.local | KnowsOfRoleHolders | passed |
| acade-dc-01v.acad.zenpr.local | MachineAccount | passed |
| acade-dc-01v.acad.zenpr.local | NCSecDesc | failed |
| acade-dc-01v.acad.zenpr.local | NetLogons | failed |
| acade-dc-01v.acad.zenpr.local | ObjectsReplicated | passed |
| acade-dc-01v.acad.zenpr.local | Replications | passed |
| acade-dc-01v.acad.zenpr.local | RidManager | passed |
| acade-dc-01v.acad.zenpr.local | Services | passed |
| acade-dc-01v.acad.zenpr.local | SystemLog | failed |
| acade-dc-01v.acad.zenpr.local | VerifyReferences | passed |
| acade-dc-01v.acad.zenpr.local | CheckSDRefDom | passed |
| acade-dc-01v.acad.zenpr.local | CheckSDRefDom | passed |
| acade-dc-01v.acad.zenpr.local | CrossRefValidation | passed |
| acade-dc-01v.acad.zenpr.local | CheckSDRefDom | passed |
| acade-dc-01v.acad.zenpr.local | CheckSDRefDom | passed |
| acade-dc-01v.acad.zenpr.local | CrossRefValidation | passed |
| acade-dc-01v.acad.zenpr.local | CheckSDRefDom | passed |
| acade-dc-01v.acad.zenpr.local | CrossRefValidation | passed |
| acade-dc-01v.acad.zenpr.local | LocatorCheck | failed |
| acade-dc-01v.acad.zenpr.local | Intersite | passed |
Table 37 - AD Domain Controller DCDiag Information - ACAD.ZENPR.LOCAL
1.2.2.7.5 ACADE-DC-01V Infrastructure Services Status
The following section provides a summary of the Domain Controller Infrastructure services status.
| acade-dc-01v.acad.pharmax.local | Advertising | failed |
| acade-dc-01v.acad.pharmax.local | CheckSDRefDom | passed |
| acade-dc-01v.acad.pharmax.local | CheckSDRefDom | passed |
| acade-dc-01v.acad.pharmax.local | CheckSDRefDom | passed |
| acade-dc-01v.acad.pharmax.local | CheckSDRefDom | passed |
| acade-dc-01v.acad.pharmax.local | CheckSDRefDom | passed |
| acade-dc-01v.acad.pharmax.local | Connectivity | passed |
| acade-dc-01v.acad.pharmax.local | CrossRefValidation | passed |
| acade-dc-01v.acad.pharmax.local | CrossRefValidation | passed |
| acade-dc-01v.acad.pharmax.local | CrossRefValidation | passed |
| acade-dc-01v.acad.pharmax.local | DFSREvent | failed |
| acade-dc-01v.acad.pharmax.local | FrsEvent | passed |
| acade-dc-01v.acad.pharmax.local | Intersite | passed |
| acade-dc-01v.acad.pharmax.local | KccEvent | passed |
| acade-dc-01v.acad.pharmax.local | KnowsOfRoleHolders | passed |
| acade-dc-01v.acad.pharmax.local | LocatorCheck | failed |
| acade-dc-01v.acad.pharmax.local | MachineAccount | passed |
| acade-dc-01v.acad.pharmax.local | NCSecDesc | failed |
| acade-dc-01v.acad.pharmax.local | NetLogons | failed |
| acade-dc-01v.acad.pharmax.local | ObjectsReplicated | passed |
| acade-dc-01v.acad.pharmax.local | Replications | passed |
| acade-dc-01v.acad.pharmax.local | RidManager | passed |
| acade-dc-01v.acad.pharmax.local | Services | passed |
| acade-dc-01v.acad.pharmax.local | SystemLog | failed |
| acade-dc-01v.acad.pharmax.local | SysVolCheck | failed |
| acade-dc-01v.acad.pharmax.local | VerifyReferences | passed |
Table 51 - Domain Controller DCDiag - ACADE-DC-01V
1.2.2.7.6 ACADE-DC-01V Infrastructure Services Status
The following section provides a summary of the Domain Controller Infrastructure services status.
| Display Name | Short Name | Status |
|---|---|---|
| DNS Server | DNS | Running |
| Active Directory Domain Services | NTDS | Running |
| Active Directory Web Services | ADWS | Running |
| DFS Replication | DFSR | Running |
| DNS Server | DNS | Running |
| Intersite Messaging | IsmServ | Running |
| Kerberos Key Distribution Center | Kdc | Running |
| NetLogon | Netlogon | Running |
| Active Directory Domain Services | NTDS | Running |
| Windows Time | W32Time | Running |
| Active Directory Web Services | ADWS | Running |
Table 38 - Domain Controller Infrastructure Services Status Information.
1.2.2.7.6 Sites Replication
The following section provides a summary of the Active Directory Site Replication information.
| DC Name | ACADE-DC-01V |
|---|---|
| GUID | 739a49db-275b-4d09-81c8-ab9e5f393977 |
| Description | - |
| Replicate From Directory Server | SERVER-DC-01V |
| Replicate To Directory Server | ACADE-DC-01V |
| Replicated Naming Contexts | DC=DomainDnsZones,DC=acad,DC=zenpr,DC=local DC=acad,DC=zenpr,DC=local DC=ForestDnsZones,DC=zenpr,DC=local CN=Schema,CN=Configuration,DC=zenpr,DC=local CN=Configuration,DC=zenpr,DC=local |
| Replicated Naming Contexts | DC=DomainDnsZones,DC=acad,DC=pharmax,DC=local DC=acad,DC=pharmax,DC=local DC=ForestDnsZones,DC=pharmax,DC=local CN=Schema,CN=Configuration,DC=pharmax,DC=local CN=Configuration,DC=pharmax,DC=local |
| Transport Protocol | IP |
| AutoGenerated | Yes |
| Enabled | Yes |
| Created | Sun, 05 Sep 2021 16:26:31 GMT |
Table 39 - Site Replication Information - ACAD.ZENPR.LOCAL
1.2.2.7.7 Group Policy Objects Summary
The following section provides a summary of the Group Policy Objects for domain ACAD.ZENPR.LOCAL.
| GPO Name | GPO Status | Created | Modified |
|---|---|---|---|
| Empty Policy ACAD | All Settings Enabled | 10/05/2021 | 10/05/2021 |
| Default Domain Policy | All Settings Enabled | 09/05/2021 | 10/19/2021 |
| Unlinked Policy ACAD | All Settings Disabled | 10/05/2021 | 10/05/2021 |
| Default Domain Controllers Policy | All Settings Enabled | 09/05/2021 | 09/22/2021 |
| ACAD Certificate AutoEnrollment | All Settings Enabled | 09/22/2021 | 09/22/2021 |
| Default Domain Controllers Policy | All Settings Enabled | 09/05/2021 | 09/22/2021 |
| Default Domain Policy | All Settings Enabled | 09/05/2021 | 10/19/2021 |
| Empty Policy ACAD | All Settings Enabled | 10/05/2021 | 10/05/2021 |
| Logon Script | All Settings Enabled | 10/07/2021 | 10/07/2021 |
| Unlinked Policy ACAD | All Settings Disabled | 10/05/2021 | 10/05/2021 |
Table 40 - GPO Information - ACAD.ZENPR.LOCAL
1.2.2.7.7.1 GPO with User Logon/Logoff Script
The following section provides a summary of Group Policy Objects with Logon/Logoff Script.
| Domain | Configured | Central Store Path |
|---|---|---|
| ACAD.PHARMAX.LOCAL | No | \\acad.pharmax.local\SYSVOL\acad.pharmax.local\Policies\PolicyDefinitions |
Table 55 - GPO Central Store - ACAD.PHARMAX.LOCAL
1.2.2.7.8.2 GPO with User Logon/Logoff Script
The following section provides a summary of Group Policy Objects with Logon/Logoff Script.
| GPO Name | GPO Status | Type | Script |
|---|---|---|---|
| Logon Script | All Settings Enabled | Logon | \\acad.zenpr.local\NETLOGON\enroll.exe |
| Logon Script | All Settings Enabled | Logon | \\acad.pharmax.local\NETLOGON\enroll.exe |
Table 41 - GPO with Logon/Logoff Script Information - ACAD.ZENPR.LOCAL
1.2.2.7.7.2 Health Check - Unlinked GPO
The following section provides a summary of the Unlinked Group Policy Objects. Corrective Action: Remove Unused GPO.
| GPO Name | Created | Modified | Computer Enabled | User Enabled |
|---|---|---|---|---|
| Unlinked Policy ACAD | 2021-10-06 | 2021-10-06 | No | No |
| Logon Script | 2021-10-07 | 2021-10-07 | Yes | Yes |
| Unlinked Policy ACAD | 2021-10-06 | 2021-10-06 | No | No |
Table 42 - Unlinked GPO Information - ACAD.ZENPR.LOCAL
1.2.2.7.7.3 Health Check - Empty GPOs
The following section provides a summary of the Empty Group Policy Objects. Corrective Action: No User and Computer parameters are set : Remove Unused GPO.
| GPO Name | Created | Modified | Description |
|---|---|---|---|
| Empty Policy ACAD | 2021-10-06 | 2021-10-06 | - |
Table 43 - Empty GPO Information - ACAD.ZENPR.LOCAL
1.2.2.7.7.4 Health Check - Enforced GPO
The following section provides a summary of the Enforced Group Policy Objects.
| GPO Name | Enforced | Order | Target |
|---|---|---|---|
| Empty Policy ACAD | Yes | 1 | acad.zenpr.local/Acad Computers/SCCM Computers |
| Empty Policy ACAD | Yes | 1 | acad.pharmax.local/Acad Computers/SCCM Computers |
Table 44 - Enforced GPO Information - ACAD.ZENPR.LOCAL
1.2.2.7.8 Organizational Units
The following section provides a summary of Active Directory Organizational Unit information.
| Name | Path | Linked GPO |
|---|---|---|
| Domain Controllers | acad.zenpr.local/Domain Controllers | Default Domain Controllers Policy |
| Member Servers | acad.zenpr.local/Member Servers | - |
| Acad Computers | acad.zenpr.local/Acad Computers | - |
| SCCM Computers | acad.zenpr.local/Acad Computers/SCCM Computers | Empty Policy ACAD |
| Acad Computers | acad.pharmax.local/Acad Computers | - |
| Domain Controllers | acad.pharmax.local/Domain Controllers | Default Domain Controllers Policy |
| Member Servers | acad.pharmax.local/Member Servers | - |
| SCCM Computers | acad.pharmax.local/Acad Computers/SCCM Computers | Empty Policy ACAD |
Table 45 - Active Directory Organizational Unit Information - ACAD.ZENPR.LOCAL
1.2.2.7.8.1 Health Check - OU with GPO Blocked Inheritance
The following section provides a summary of the Blocked Inheritance Group Policy Objects.
| OU Name | Container Type | Inheritance Blocked | Path |
|---|---|---|---|
| sccm computers | OU | Yes | acad.zenpr.local/Acad Computers/SCCM Computers |
| sccm computers | OU | Yes | acad.pharmax.local/Acad Computers/SCCM Computers |
Table 46 - Blocked Inheritance GPO Information - ACAD.ZENPR.LOCAL
1.3 ZENPR.LOCAL Domain Name System Summary
The Domain Name System (DNS) is a hierarchical and decentralized naming system for computers, services, or other resources connected to the Internet or a private network. It associates various information with domain names assigned to each of the participating entities. Most prominently, it translates more readily memorized domain names to the numerical IP addresses needed for locating and identifying computer services and devices with the underlying network protocols.
1.3.1 ZENPR.LOCAL DNS Configuration
The following section provides a configuration summary of the DNS service.
1.3.1.1 Infrastructure Summary
The following section provides a summary of the DNS Infrastructure configuration.
| DC Name | Build Number | IPv6 | DnsSec | ReadOnly DC | Listening IP |
|---|---|---|---|---|---|
| SERVER-DC-01V | 17763 | Yes | No | No | fe80::284b:4bc7:2b30:5832 192.168.5.1 |
| CAYEY-DC-01V | 17763 | Yes | No | No | fe80::b5fd:f35b:d81d:dfcd 10.10.33.1 |
Table 47 - DNS Infrastructure Setting Information.
1.3.1.1.1 Response Rate Limiting (RRL)
The following section provides a summary of the DNS Response Rate Limiting configuration.
| CAYEY-DC-01V | 17763 | Yes | No | No | 10.10.33.1 |
| SERVER-DC-01V | 17763 | Yes | No | No | 192.168.5.1 |
Table 62 - Infrastructure Setting -PHARMAX.LOCAL
1.3.1.1.1 Domain Controller DNS IP Configuration
| DC Name | Interface | DNS IP 1 | DNS IP 2 | DNS IP 3 | DNS IP 4 |
|---|---|---|---|---|---|
| CAYEY-DC-01V | Ethernet0 | 10.10.33.1 | 192.168.5.1 | 127.0.0.1 | - |
| SERVER-DC-01V | Ethernet0 | 192.168.5.1 | 127.0.0.1 | - | - |
Table 63 - IP Configuration -PHARMAX.LOCAL
1.3.1.1.2 Application Directory Partition
1.3.1.1.2.1 SERVER-DC-01V Directory Partition
The following section provides SERVER-DC-01V Directory Partition information.
| Name | State | Flags | Zone Count |
|---|---|---|---|
| DomainDnsZones.acad.pharmax.local | - | Not-Enlisted | 0 |
| DomainDnsZones.pharmax.local | 0 | Enlisted Auto Domain | 7 |
| ForestDnsZones.pharmax.local | 0 | Enlisted Auto Forest | 2 |
Table 64 - Directory Partitions - PHARMAX.LOCAL
1.3.1.1.2.2 CAYEY-DC-01V Directory Partition
The following section provides CAYEY-DC-01V Directory Partition information.
| Name | State | Flags | Zone Count |
|---|---|---|---|
| DomainDnsZones.acad.pharmax.local | - | Not-Enlisted | 0 |
| DomainDnsZones.pharmax.local | 0 | Enlisted Auto Domain | 7 |
| ForestDnsZones.pharmax.local | 0 | Enlisted Auto Forest | 2 |
Table 65 - Directory Partitions - PHARMAX.LOCAL
1.3.1.1.3 Response Rate Limiting (RRL)
| DC Name | Status | Responses Per Sec | Errors Per Sec | Window In Sec | Leak Rate | Truncate Rate |
|---|---|---|---|---|---|---|
| SERVER-DC-01V | Disable | 5 | 5 | 5 | 3 | 2 |
| CAYEY-DC-01V | Disable | 5 | 5 | 5 | 3 | 2 |
| SERVER-DC-01V | Disable | 5 | 5 | 5 | 3 | 2 |
Table 48 - DNS Response Rate Limiting configuration.
1.3.1.1.2 Scavenging Options
The following section provides a summary of the DNS Scavenging configuration.
| DC Name | NoRefresh Interval | Refresh Interval | Scavenging Interval | Last Scavenge Time | Scavenging State |
|---|---|---|---|---|---|
| SERVER-DC-01V | 7.00:00:00 | 7.00:00:00 | 7.00:00:00 | - | Enabled |
| CAYEY-DC-01V | 7.00:00:00 | 7.00:00:00 | 00:00:00 | - | Disabled |
| SERVER-DC-01V | 7.00:00:00 | 7.00:00:00 | 7.00:00:00 | - | Enabled |
Table 49 - DNS Scavenging configuration.
1.3.1.1.3 Forwarder Options
The following section provides a summary of the DNS Forwarder configuration.
| DC Name | IP Address | Timeout | Use Root Hint | Use Recursion |
|---|---|---|---|---|
| SERVER-DC-01V | 192.168.1.2 192.168.1.1 | 3/s | Yes | Yes |
| CAYEY-DC-01V | 192.168.5.1 192.168.1.1 | 3/s | Yes | Yes |
Table 50 - DNS Infrastructure Forwarder configuration.
1.3.1.1.4 Zone Scope Recursion
The following section provides a summary of the DNS Zone Scope Recursion configuration.
| CAYEY-DC-01V | 192.168.5.1 | 3/s | Yes | Yes |
| SERVER-DC-01V | 10.0.0.138 | 3/s | Yes | Yes |
Table 68 - Forwarders - PHARMAX.LOCAL
1.3.1.1.6 Root Hints
1.3.1.1.6.1 SERVER-DC-01V Root Hints
The following section provides SERVER-DC-01V Root Hints information.
| Name | IP Address |
|---|---|
| a.root-servers.net. | 198.41.0.4 |
| b.root-servers.net. | 199.9.14.201 |
| c.root-servers.net. | 192.33.4.12 |
| d.root-servers.net. | 199.7.91.13 |
| e.root-servers.net. | 192.203.230.10 |
| f.root-servers.net. | 192.5.5.241 |
| g.root-servers.net. | 192.112.36.4 |
| h.root-servers.net. | 198.97.190.53 |
| i.root-servers.net. | 192.36.148.17 |
| j.root-servers.net. | 192.58.128.30 |
| k.root-servers.net. | 193.0.14.129 |
| l.root-servers.net. | 199.7.83.42 |
| m.root-servers.net. | 202.12.27.33 |
Table 69 - Root Hints - PHARMAX.LOCAL
1.3.1.1.6.2 CAYEY-DC-01V Root Hints
The following section provides CAYEY-DC-01V Root Hints information.
| Name | IP Address |
|---|---|
| a.root-servers.net. | 198.41.0.4 |
| b.root-servers.net. | 199.9.14.201 |
| c.root-servers.net. | 192.33.4.12 |
| d.root-servers.net. | 199.7.91.13 |
| e.root-servers.net. | 192.203.230.10 |
| f.root-servers.net. | 192.5.5.241 |
| g.root-servers.net. | 192.112.36.4 |
| h.root-servers.net. | 198.97.190.53 |
| i.root-servers.net. | 192.36.148.17 |
| j.root-servers.net. | 192.58.128.30 |
| k.root-servers.net. | 193.0.14.129 |
| l.root-servers.net. | 199.7.83.42 |
| m.root-servers.net. | 202.12.27.33 |
Table 70 - Root Hints - PHARMAX.LOCAL
1.3.1.1.7 Zone Scope Recursion
| DC Name | Zone Name | Forwarder | Use Recursion |
|---|---|---|---|
| SERVER-DC-01V | Root | 192.168.1.2 192.168.1.1 | Yes |
| CAYEY-DC-01V | Root | 192.168.5.1 192.168.1.1 | Yes |
| CAYEY-DC-01V | Root | 192.168.5.1 | Yes |
| SERVER-DC-01V | Root | 10.0.0.138 | Yes |
Table 51 - DNS Zone Scope Recursion configuration.
1.3.1.2 SERVER-DC-01V DNS Zone Configuration
The following section provides a summary of the DNS Zone Configuration information.
| Zone Name | Zone Type | Replication Scope | Dynamic Update | DS Integrated | Read Only | Signed |
|---|---|---|---|---|---|---|
| _msdcs.zenpr.local | Primary | Forest | Secure | Yes | No | No |
| zenpr.local | Primary | Domain | Secure | Yes | No | No |
| _msdcs.pharmax.local | Primary | Forest | Secure | Yes | No | No |
| pharmax.local | Primary | Domain | Secure | Yes | No | No |
| TrustAnchors | Primary | Forest | None | Yes | No | No |
| zenprsolutions.local | Stub | Domain | - | Yes | No | - |
Table 52 - DNS Zone Information.
1.3.1.2.1 SERVER-DC-01V Zone Delegation
The following section provides a summary of the DNS Zone Delegation information.
| Zone Name | Child Zone | Name Server | IP Address |
|---|---|---|---|
| zenpr.local | _msdcs.zenpr.local. | server-dc-01v.zenpr.local. | 192.168.5.1 |
| zenpr.local | acad.zenpr.local. | ACADE-DC-01V.acad.zenpr.local. | 172.23.4.1 |
| pharmax.local | acad.pharmax.local. | ACADE-DC-01V.acad.pharmax.local. | 172.23.4.1 |
| pharmax.local | _msdcs.pharmax.local. | server-dc-01v.pharmax.local. | 192.168.5.1 |
Table 53 - DNS Zone Delegation Information.
1.3.1.2.2 SERVER-DC-01V Reverse Lookup Zone Configuration
The following section provides a summary of the DNS Reverse Lookup Zone Configuration information.
| Zone Name | pharmax.local |
|---|---|
| Secondary Servers | 172.23.4.1 |
| Notify Servers | - |
| Secure Secondaries | Send zone transfers only to name servers that are authoritative for the zone. |
Table 74 - Zone Transfers - pharmax.local
1.3.1.2.3 Reverse Lookup Zone Configuration
| Zone Name | Zone Type | Replication Scope | Dynamic Update | DS Integrated | Read Only | Signed |
|---|---|---|---|---|---|---|
| 0.in-addr.arpa | Primary | None | None | No | No | No |
| 10.10.in-addr.arpa | Primary | Domain | Secure | Yes | No | No |
| 23.172.in-addr.arpa | Primary | Domain | Secure | Yes | No | No |
| 255.in-addr.arpa | Primary | None | None | No | No | No |
Table 54 - DNS Zone Information.
1.3.1.2.3 SERVER-DC-01V Conditional Forwarder
The following section provides a summary of the DNS Conditional Forwarder information.
| Zone Name | Zone Type | Replication Scope | Master Servers | DS Integrated |
|---|---|---|---|---|
| zenprsolutions.gov | Forwarder | Domain | 8.8.8.8 | True |
Table 55 - DNS Conditional Forwarder Information.
1.3.1.2.4 SERVER-DC-01V Zone Scope Aging Properties
The following section provides a summary of the DNS Zone Aging properties information.
| Zone Name | Aging Enabled | Refresh Interval | NoRefresh Interval | Available For Scavenge |
|---|---|---|---|---|
| _msdcs.zenpr.local | Yes | 7.00:00:00 | 7.00:00:00 | Fri, 05 Nov 2021 13:00:00 GMT |
| zenpr.local | Yes | 7.00:00:00 | 7.00:00:00 | Fri, 05 Nov 2021 13:00:00 GMT |
| TrustAnchors | Yes | 7.00:00:00 | 7.00:00:00 | Fri, 05 Nov 2021 13:00:00 GMT |
| _msdcs.pharmax.local | Yes | 7.00:00:00 | 7.00:00:00 | Sat, 29 Jan 2022 18:00:00 GMT |
| pharmax.local | Yes | 7.00:00:00 | 7.00:00:00 | Mon, 31 Jan 2022 10:00:00 GMT |
| TrustAnchors | Yes | 7.00:00:00 | 7.00:00:00 | Mon, 31 Jan 2022 10:00:00 GMT |
Table 56 - DNS Zone Aging properties Information.
1.3.1.3 CAYEY-DC-01V DNS Zone Configuration
The following section provides a summary of the DNS Zone Configuration information.
| Zone Name | Zone Type | Replication Scope | Dynamic Update | DS Integrated | Read Only | Signed |
|---|---|---|---|---|---|---|
| _msdcs.zenpr.local | Primary | Forest | Secure | Yes | No | No |
| zenpr.local | Primary | Domain | Secure | Yes | No | No |
| _msdcs.pharmax.local | Primary | Forest | Secure | Yes | No | No |
| pharmax.local | Primary | Domain | Secure | Yes | No | No |
| TrustAnchors | Primary | Forest | None | Yes | No | No |
| zenpr.local | Secondary | - | - | No | No | - |
| zenprsolutions.local | Stub | Domain | - | Yes | No | - |
Table 57 - DNS Zone Information.
1.3.1.3.1 CAYEY-DC-01V Zone Delegation
The following section provides a summary of the DNS Zone Delegation information.
| Zone Name | Child Zone | Name Server | IP Address |
|---|---|---|---|
| zenpr.local | _msdcs.zenpr.local. | server-dc-01v.zenpr.local. | 192.168.5.1 |
| zenpr.local | acad.zenpr.local. | ACADE-DC-01V.acad.zenpr.local. | 172.23.4.1 |
| pharmax.local | acad.pharmax.local. | ACADE-DC-01V.acad.pharmax.local. | 172.23.4.1 |
| pharmax.local | _msdcs.pharmax.local. | server-dc-01v.pharmax.local. | 192.168.5.1 |
Table 58 - DNS Zone Delegation Information.
1.3.1.3.2 CAYEY-DC-01V Reverse Lookup Zone Configuration
The following section provides a summary of the DNS Reverse Lookup Zone Configuration information.
| Zone Name | Zone Type | Replication Scope | Dynamic Update | DS Integrated | Read Only | Signed |
|---|---|---|---|---|---|---|
| 0.in-addr.arpa | Primary | None | None | No | No | No |
| 10.10.in-addr.arpa | Primary | Domain | Secure | Yes | No | No |
| 23.172.in-addr.arpa | Primary | Domain | Secure | Yes | No | No |
| 255.in-addr.arpa | Primary | None | None | No | No | No |
Table 59 - DNS Zone Information.
1.3.1.3.3 CAYEY-DC-01V Conditional Forwarder
The following section provides a summary of the DNS Conditional Forwarder information.
| Zone Name | Zone Type | Replication Scope | Master Servers | DS Integrated |
|---|---|---|---|---|
| zenprsolutions.edu | Forwarder | None | 1.1.1.1 | False |
| zenprsolutions.gov | Forwarder | Domain | 8.8.8.8 | True |
Table 60 - DNS Conditional Forwarder Information.
1.3.1.3.4 CAYEY-DC-01V Zone Scope Aging Properties
The following section provides a summary of the DNS Zone Aging properties information.
| Zone Name | Aging Enabled | Refresh Interval | NoRefresh Interval | Available For Scavenge |
|---|---|---|---|---|
| _msdcs.zenpr.local | Yes | 7.00:00:00 | 7.00:00:00 | Sun, 12 Sep 2021 23:00:00 GMT |
| zenpr.local | Yes | 7.00:00:00 | 7.00:00:00 | Fri, 24 Sep 2021 23:00:00 GMT |
| _msdcs.pharmax.local | Yes | 7.00:00:00 | 7.00:00:00 | Sat, 29 Jan 2022 18:00:00 GMT |
| pharmax.local | Yes | 7.00:00:00 | 7.00:00:00 | Fri, 24 Sep 2021 23:00:00 GMT |
| TrustAnchors | Yes | 7.00:00:00 | 7.00:00:00 | Thu, 07 Jan 2021 16:00:00 GMT |
Table 61 - DNS Zone Aging properties Information.
1.3.2 ACAD.ZENPR.LOCAL DNS Configuration
The following section provides a configuration summary of the DNS service.
1.3.2.1 Infrastructure Summary
The following section provides a summary of the DNS Infrastructure configuration.
| DC Name | Build Number | IPv6 | DnsSec | ReadOnly DC | Listening IP |
|---|---|---|---|---|---|
| ACADE-DC-01V | 17763 | Yes | No | No | fd99:9971::1 fd99:9971::cb7:65e6:4475:2eba fe80::9896:1b46:502:8b34 172.23.4.1 |
Table 62 - DNS Infrastructure Setting Information.
1.3.2.1.1 Response Rate Limiting (RRL)
The following section provides a summary of the DNS Response Rate Limiting configuration.
| ACADE-DC-01V | 17763 | Yes | No | No | 172.23.4.1 |
Table 83 - Infrastructure Setting -ACAD.PHARMAX.LOCAL
1.3.2.1.1 Domain Controller DNS IP Configuration
| DC Name | Interface | DNS IP 1 | DNS IP 2 | DNS IP 3 | DNS IP 4 |
|---|---|---|---|---|---|
| ACADE-DC-01V | Ethernet0 | 172.23.4.1 | 192.168.5.1 | 127.0.0.1 | - |
Table 84 - IP Configuration -ACAD.PHARMAX.LOCAL
1.3.2.1.2 Application Directory Partition
1.3.2.1.2.1 ACADE-DC-01V Directory Partition
The following section provides ACADE-DC-01V Directory Partition information.
| Name | State | Flags | Zone Count |
|---|---|---|---|
| DomainDnsZones.acad.pharmax.local | 0 | Enlisted Auto Domain | 3 |
| DomainDnsZones.pharmax.local | - | Not-Enlisted | 0 |
| ForestDnsZones.pharmax.local | 0 | Enlisted Auto Forest | 2 |
Table 85 - Directory Partitions - ACAD.PHARMAX.LOCAL
1.3.2.1.3 Response Rate Limiting (RRL)
| DC Name | Status | Responses Per Sec | Errors Per Sec | Window In Sec | Leak Rate | Truncate Rate |
|---|---|---|---|---|---|---|
| ACADE-DC-01V | Disable | 5 | 5 | 5 | 3 | 2 |
Table 63 - DNS Response Rate Limiting configuration.
1.3.2.1.2 Scavenging Options
The following section provides a summary of the DNS Scavenging configuration.
| DC Name | NoRefresh Interval | Refresh Interval | Scavenging Interval | Last Scavenge Time | Scavenging State |
|---|---|---|---|---|---|
| ACADE-DC-01V | 7.00:00:00 | 7.00:00:00 | 00:00:00 | - | Disabled |
Table 64 - DNS Scavenging configuration.
1.3.2.1.3 Forwarder Options
The following section provides a summary of the DNS Forwarder configuration.
| DC Name | IP Address | Timeout | Use Root Hint | Use Recursion |
|---|---|---|---|---|
| ACADE-DC-01V | 192.168.5.1 | 3/s | Yes | Yes |
Table 65 - DNS Infrastructure Forwarder configuration.
1.3.2.1.4 Zone Scope Recursion
The following section provides a summary of the DNS Zone Scope Recursion configuration.
| Name | IP Address |
|---|---|
| a.root-servers.net. | 198.41.0.4 |
| b.root-servers.net. | 199.9.14.201 |
| c.root-servers.net. | 2001:500:2::c |
| d.root-servers.net. | 2001:500:2d::d |
| e.root-servers.net. | 2001:500:a8::e |
| f.root-servers.net. | 2001:500:2f::f |
| g.root-servers.net. | 2001:500:12::d0d |
| h.root-servers.net. | 2001:500:1::53 |
| i.root-servers.net. | 2001:7fe::53 |
| j.root-servers.net. | 2001:503:c27::2:30 |
| k.root-servers.net. | 2001:7fd::1 |
| l.root-servers.net. | 2001:500:9f::42 |
| m.root-servers.net. | 2001:dc3::35 |
Table 89 - Root Hints - ACAD.PHARMAX.LOCAL
1.3.2.1.7 Zone Scope Recursion
| DC Name | Zone Name | Forwarder | Use Recursion |
|---|---|---|---|
| ACADE-DC-01V | Root | 192.168.5.1 | Yes |
Table 66 - DNS Zone Scope Recursion configuration.
1.4 ZENPR.LOCAL Dynamic Host Configuration Protocol Summary
The Dynamic Host Configuration Protocol (DHCP) is a network management protocol used on Internet Protocol (IP) networks for automatically assigning IP addresses and other communication parameters to devices connected to the network using a client/server architecture.
1.4.1 ZENPR.LOCAL Domain DHCP Configuration
The following section provides a summary of the Dynamic Host Configuration Protocol.
1.4.1.1 DHCP Servers In Active Directory
The following section provides a summary of the DHCP servers information on ZENPR.LOCAL.
| Zone Name | Zone Type | Replication Scope | Dynamic Update | DS Integrated | Read Only | Signed |
|---|---|---|---|---|---|---|
| _msdcs.pharmax.local | Primary | Forest | Secure | Yes | No | No |
| acad.pharmax.local | Primary | Domain | Secure | Yes | No | No |
| TrustAnchors | Primary | Forest | None | Yes | No | No |
| zenpr.local | Secondary | - | - | No | No | - |
Table 91 - Zones - ACAD.PHARMAX.LOCAL
1.3.2.2.1 Zone Transfers
| Zone Name | acad.pharmax.local |
|---|---|
| Secondary Servers | 172.23.4.2, 10.10.40.2 |
| Notify Servers | 172.23.4.2 |
| Secure Secondaries | Send zone transfers only to servers you specify in Secondary Servers. |
Table 92 - Zone Transfers - acad.pharmax.local
| Zone Name | zenpr.local |
|---|---|
| Secondary Servers | 172.23.4.2 |
| Notify Servers | 172.24.4.2 |
| Secure Secondaries | Send zone transfers only to servers you specify in Secondary Servers. |
Table 93 - Zone Transfers - zenpr.local
1.3.2.2.2 Reverse Lookup Zone Configuration
| Zone Name | Zone Type | Replication Scope | Dynamic Update | DS Integrated | Read Only | Signed |
|---|---|---|---|---|---|---|
| 0.23.172.in-addr.arpa | Primary | Domain | Secure | Yes | No | No |
| 0.in-addr.arpa | Primary | None | None | No | No | No |
| 127.in-addr.arpa | Primary | None | None | No | No | No |
| 255.in-addr.arpa | Primary | None | None | No | No | No |
Table 94 - Zones - ACAD.PHARMAX.LOCAL
1.3.2.2.3 Conditional Forwarder
| Zone Name | Zone Type | Replication Scope | Master Servers | DS Integrated |
|---|---|---|---|---|
| zenprsolutions.local | Forwarder | None | 8.8.8.8 | False |
Table 95 - Conditional Forwarders - ACAD.PHARMAX.LOCAL
1.3.2.2.4 Zone Scope Aging Properties
| Zone Name | Aging Enabled | Refresh Interval | NoRefresh Interval | Available For Scavenge |
|---|---|---|---|---|
| _msdcs.pharmax.local | Yes | 7.00:00:00 | 7.00:00:00 | Sat, 29 Jan 2022 18:00:00 GMT |
| acad.pharmax.local | No | 7.00:00:00 | 7.00:00:00 | - |
| TrustAnchors | Yes | 7.00:00:00 | 7.00:00:00 | Thu, 07 Jan 2021 16:00:00 GMT |
Table 96 - Zone Aging Properties - ACAD.PHARMAX.LOCAL
1.4 Dynamic Host Configuration Protocol Summary
The Dynamic Host Configuration Protocol (DHCP) is a network management protocol used on Internet Protocol (IP) networks for automatically assigning IP addresses and other communication parameters to devices connected to the network using a client/server architecture.
1.4.1 PHARMAX.LOCAL Domain DHCP Configuration
The following section provides a summary of the Dynamic Host Configuration Protocol.
1.4.1.1 DHCP Servers In Active Directory
The following section provides a summary of the DHCP servers information on PHARMAX.LOCAL.
| DC Name | IP Address | Domain Name | Domain Joined | Authorized | Conflict Detection Attempts |
|---|---|---|---|---|---|
| cayey-dc-01v | 10.10.33.1 | zenpr.local | Yes | Yes | 0 |
| server-dc-01v-0 | 192.168.5.1 | zenpr.local | - | - | |
| server-dc-01v | 192.168.5.1 | zenpr.local | Yes | Yes | 1 |
| cayey-dc-01v | 10.10.33.1 | pharmax.local | Yes | Yes | 0 |
| server-dc-01v | 192.168.5.1 | pharmax.local | Yes | Yes | 1 |
Table 68 - DHCP Servers In Active Directory Information - ZENPR.LOCAL
1.4.1.1.1 Service Database
The following section provides a summary of the DHCP servers service database information on ZENPR.LOCAL.
| DC Name | File Path | Backup Path | Backup Interval | Logging Enabled |
|---|---|---|---|---|
| cayey-dc-01v | C:\Windows\system32\dhcp\dhcp.mdb | C:\Windows\system32\dhcp\backup | 60 min | Yes |
| server-dc-01v-0 | - | - | - | - |
| server-dc-01v | C:\Windows\system32\dhcp\dhcp.mdb | C:\Windows\system32\dhcp\backup | 60 min | Yes |
Table 69 - DHCP Servers Database Information - ZENPR.LOCAL
1.4.1.1.2 Dynamic DNS credentials
The following section provides a summary of the DHCP Servers Dynamic DNS registration credentials information on ZENPR.LOCAL.
| DC Name | User Name | Domain Name |
|---|---|---|
| cayey-dc-01v | - | - |
| server-dc-01v-0 | - | - |
| server-dc-01v | administrator | ZENPR.LOCAL |
| server-dc-01v | - | - |
Table 70 - DHCP Servers Dynamic DNS Credentials Information - ZENPR.LOCAL
1.4.1.2 IPv4 Scope Summary
The following section provides a IPv4 configuration summary of the Dynamic Host Configuration Protocol.
1.4.1.2.1 IPv4 Service Statistics
The following section provides a summary of the DHCP servers IPv4 Statistics information on ZENPR.LOCAL.
| DC Name | Total Scopes | Total Addresses | Addresses In Use | Addresses Available | Percentage In Use | Percentage Available |
|---|---|---|---|---|---|---|
| cayey-dc-01v | 2 | 458 | 5 | 453 | 1 | 99 |
| server-dc-01v-0 | - | - | - | - | 0 | 0 |
| server-dc-01v | 9 | 1874 | 163 | 1711 | 9 | 91 |
| cayey-dc-01v | 2 | 458 | 3 | 455 | 1 | 99 |
| server-dc-01v | 9 | 1874 | 181 | 1693 | 10 | 90 |
Table 71 - DHCP Server IPv4 Statistics Information - ZENPR.LOCAL
1.4.1.2.2 CAYEY-DC-01V IPv4 Scopes
The following section provides a summary of the DHCP servers IPv4 Scope information.
| Scope Id | Scope Name | Scope Range | Lease Duration | State |
|---|---|---|---|---|
| 10.10.33.0/24 | ESX-VM-NETWORK-DR | 10.10.33.40 - 10.10.33.253 | 100.00:00:00 | Active |
| 10.10.34.0/24 | ESXi-ISCSI-BLOCK-A-DR | 10.10.34.10 - 10.10.34.253 | 8.00:00:00 | Active |
Table 72 - IPv4 Scopes Information - CAYEY-DC-01V
1.4.1.2.2.1 CAYEY-DC-01V IPv4 Scope Statistics
The following section provides a summary of the DHCP servers IPv4 Scope Statistics information.
| Scope Id | Free IP | In Use IP | Percentage In Use | Reserved IP |
|---|---|---|---|---|
| 10.10.33.0 | 210 | 4 | 2 | 3 |
| 10.10.33.0 | 212 | 2 | 1 | 3 |
| 10.10.34.0 | 243 | 1 | 0 | 0 |
Table 73 - IPv4 Scope Statistics Information - CAYEY-DC-01V
1.4.1.2.2.2 CAYEY-DC-01V IPv4 Scope Failover
The following section provides a summary of the DHCP servers IPv4 Scope Failover information.
| DHCP Server | cayey-dc-01v.zenpr.local |
|---|---|
| Partner DHCP Server | server-dc-01v.zenpr.local |
| DHCP Server | cayey-dc-01v.pharmax.local |
| Partner DHCP Server | server-dc-01v.pharmax.local |
| Mode | LoadBalance |
| LoadBalance Percent | 20 |
| Server Role | - |
| Auto State Transition | No |
| Authetication Enable | Yes |
Table 103 - IPv4 Scope Failover Cofiguration - CAYEY-DC-01V
| DHCP Server | cayey-dc-01v.zenpr.local |
|---|---|
| Partner DHCP Server | server-dc-01v.zenpr.local |
| DHCP Server | cayey-dc-01v.pharmax.local |
| Partner DHCP Server | server-dc-01v.pharmax.local |
| Mode | HotStandby |
| LoadBalance Percent | 0 |
| Server Role | Active |
| Auto State Transition | Yes |
| Authetication Enable | No |
1.4.1.2.2.3 CAYEY-DC-01V IPv4 Network Interface Binding
The following section provides a summary of the IPv4 Network Interface binding.
| Interface Alias | IP Address | Subnet Mask | State |
|---|---|---|---|
| Ethernet0 | 10.10.33.1 | 255.255.255.0 | Enabled |
Table 74 - IPv4 Network Interface binding Information - CAYEY-DC-01V
1.4.1.2.3 CAYEY-DC-01V IPv4 Scope Server Options
The following section provides a summary of the DHCP servers IPv4 Scope Server Options information.
| Name | Option Id | Value | Policy Name |
|---|---|---|---|
| Time Offset | 2 | 0 | - |
| Time Server | 4 | 10.10.33.1 | - |
| Name Servers | 5 | 10.10.33.1 | - |
| DNS Servers | 6 | 10.10.33.1 192.168.5.1 | - |
Table 75 - IPv4 Scopes Server Options Information - CAYEY-DC-01V
1.4.1.2.3.1 Scope DNS Setting
The following section provides a summary of the DHCP servers IPv4 Scope DNS Setting information.
| Dynamic Updates | OnClientRequest |
|---|---|
| Dns Suffix | - |
| Disable Dns Ptr RR Update | No |
| Delete Dns RR On Lease Expiry | Yes |
Table 76 - IPv4 Scopes DNS Setting Information - cayey-dc-01v
1.4.1.2.3.2 10.10.33.0 Scope Options Configuration
The following section provides a summary of the DHCP servers IPv4 Scope Server Options information.
| Name | Option Id | Value | Policy Name |
|---|---|---|---|
| Router | 3 | 10.10.33.254 | - |
| Lease | 51 | 8640000 | - |
| 81 | 23 | - | |
| Boot Server Host Name | 66 | 192.168.5.2 | - |
| Bootfile Name | 67 | snponly64.efi.vmw-hardwired | - |
| 81 | 23 | - |
Table 77 - IPv4 Scopes Options Information - 10.10.33.0
1.4.1.2.3.3 10.10.34.0 Scope Options Configuration
The following section provides a summary of the DHCP servers IPv4 Scope Server Options information.
| Name | Option Id | Value | Policy Name |
|---|---|---|---|
| Lease | 51 | 691200 | - |
| Router | 3 | 10.10.34.254 | - |
| DNS Domain Name | 15 | zenpr.local | - |
| DNS Servers | 6 | 192.168.5.1 192.168.5.1 | - |
| DNS Domain Name | 15 | pharmax.local | - |
| Lease | 51 | 691200 | - |
Table 78 - IPv4 Scopes Options Information - 10.10.34.0
1.4.1.2.4 SERVER-DC-01V IPv4 Scopes
The following section provides a summary of the DHCP servers IPv4 Scope information.
| Scope Id | Scope Name | Scope Range | Lease Duration | State |
|---|---|---|---|---|
| 10.10.32.0/24 | ESXi-vMotion-DR | 10.10.32.10 - 10.10.32.250 | 8.00:00:00 | Active |
| 10.10.33.0/24 | ESX-VM-NETWORK-DR | 10.10.33.40 - 10.10.33.253 | 100.00:00:00 | Active |
| 10.10.34.0/24 | ESXi-ISCSI-BLOCK-A-DR | 10.10.34.10 - 10.10.34.253 | 8.00:00:00 | Active |
| 10.10.35.0/24 | ESXi-ISCSI-BLOCK-B-DR | 10.10.35.10 - 10.10.35.253 | 8.00:00:00 | Active |
| 192.168.12.0/24 | ESXi-ISCSI-BLOCK-B | 192.168.12.10 - 192.168.12.240 | 8.00:00:00 | Active |
| 192.168.2.0/24 | ESXi-vMotion | 192.168.2.10 - 192.168.2.253 | 8.00:00:00 | Active |
| 192.168.4.0/24 | ESXi-NFS-File | 192.168.4.10 - 192.168.4.20 | 8.00:00:00 | Active |
| 192.168.6.0/24 | ESXi-ISCSI-BLOCK-A | 192.168.6.10 - 192.168.6.240 | 8.00:00:00 | Active |
| 192.168.7.0/24 | ESX-VM-NETWORK | 192.168.7.40 - 192.168.7.253 | Unlimited | Active |
| 192.168.12.0/24 | ESXi-ISCSI-BLOCK-B | 192.168.12.10 - 192.168.12.240 | 8.00:00:00 | Active |
Table 79 - IPv4 Scopes Information - SERVER-DC-01V
1.4.1.2.4.1 SERVER-DC-01V IPv4 Scope Statistics
The following section provides a summary of the DHCP servers IPv4 Scope Statistics information.
| Scope Id | Free IP | In Use IP | Percentage In Use | Reserved IP |
|---|---|---|---|---|
| 10.10.32.0 | 240 | 1 | 0 | 0 |
| 10.10.33.0 | 210 | 4 | 2 | 2 |
| 10.10.33.0 | 212 | 2 | 1 | 2 |
| 10.10.34.0 | 243 | 1 | 0 | 0 |
| 10.10.35.0 | 243 | 1 | 0 | 0 |
| 192.168.2.0 | 240 | 4 | 2 | 0 |
| 192.168.4.0 | 11 | 0 | 0 | 0 |
| 192.168.6.0 | 225 | 6 | 3 | 2 |
| 192.168.7.0 | 74 | 140 | 65 | 17 |
| 192.168.12.0 | 225 | 6 | 3 | 2 |
| 192.168.2.0 | 241 | 3 | 1 | 0 |
| 192.168.4.0 | 11 | 0 | 0 | 0 |
| 192.168.6.0 | 224 | 7 | 3 | 2 |
| 192.168.7.0 | 54 | 160 | 75 | 17 |
Table 80 - IPv4 Scope Statistics Information - SERVER-DC-01V
1.4.1.2.4.2 SERVER-DC-01V IPv4 Scope Failover
The following section provides a summary of the DHCP servers IPv4 Scope Failover information.
| DHCP Server | server-dc-01v.zenpr.local |
|---|---|
| Partner DHCP Server | cayey-dc-01v.zenpr.local |
| DHCP Server | server-dc-01v.pharmax.local |
| Partner DHCP Server | cayey-dc-01v.pharmax.local |
| Mode | LoadBalance |
| LoadBalance Percent | 80 |
| Server Role | - |
| Auto State Transition | No |
| Authetication Enable | Yes |
Table 112 - IPv4 Scope Failover Cofiguration - SERVER-DC-01V
| DHCP Server | server-dc-01v.zenpr.local |
|---|---|
| Partner DHCP Server | cayey-dc-01v.zenpr.local |
| DHCP Server | server-dc-01v.pharmax.local |
| Partner DHCP Server | cayey-dc-01v.pharmax.local |
| Mode | HotStandby |
| LoadBalance Percent | 0 |
| Server Role | Standby |
| Auto State Transition | Yes |
| Authetication Enable | No |
1.4.1.2.4.3 SERVER-DC-01V IPv4 Network Interface Binding
The following section provides a summary of the IPv4 Network Interface binding.
| Interface Alias | IP Address | Subnet Mask | State |
|---|---|---|---|
| Ethernet0 | 192.168.5.1 | 255.255.255.0 | Enabled |
Table 81 - IPv4 Network Interface binding Information - SERVER-DC-01V
1.4.1.2.5 SERVER-DC-01V IPv4 Scope Server Options
The following section provides a summary of the DHCP servers IPv4 Scope Server Options information.
| Name | Option Id | Value | Policy Name |
|---|---|---|---|
| Time Server | 4 | 192.168.5.1 | - |
| Name Servers | 5 | 192.168.5.1 | - |
| Post Office Protocol (POP3) Servers | 70 | 192.168.7.21 | - |
| 81 | 55 | - |
Table 82 - IPv4 Scopes Server Options Information - SERVER-DC-01V
1.4.1.2.5.1 Scope DNS Setting
The following section provides a summary of the DHCP servers IPv4 Scope DNS Setting information.
| Dynamic Updates | Always |
|---|---|
| Dns Suffix | - |
| Disable Dns Ptr RR Update | No |
| Delete Dns RR On Lease Expiry | Yes |
Table 83 - IPv4 Scopes DNS Setting Information - server-dc-01v
1.4.1.2.5.2 10.10.32.0 Scope Options Configuration
The following section provides a summary of the DHCP servers IPv4 Scope Server Options information.
| Name | Option Id | Value | Policy Name |
|---|---|---|---|
| Router | 3 | 10.10.32.254 | - |
| DNS Domain Name | 15 | zenpr.local | - |
| DNS Domain Name | 15 | pharmax.local | - |
| Lease | 51 | 691200 | - |
Table 84 - IPv4 Scopes Options Information - 10.10.32.0
1.4.1.2.5.3 10.10.33.0 Scope Options Configuration
The following section provides a summary of the DHCP servers IPv4 Scope Server Options information.
| Name | Option Id | Value | Policy Name |
|---|---|---|---|
| Router | 3 | 10.10.33.254 | - |
| Lease | 51 | 8640000 | - |
| 81 | 23 | - | |
| Boot Server Host Name | 66 | 192.168.5.2 | - |
| Bootfile Name | 67 | snponly64.efi.vmw-hardwired | - |
| 81 | 23 | - |
Table 85 - IPv4 Scopes Options Information - 10.10.33.0
1.4.1.2.5.4 10.10.34.0 Scope Options Configuration
The following section provides a summary of the DHCP servers IPv4 Scope Server Options information.
| Name | Option Id | Value | Policy Name |
|---|---|---|---|
| Lease | 51 | 691200 | - |
| Router | 3 | 10.10.34.254 | - |
| DNS Domain Name | 15 | zenpr.local | - |
| DNS Servers | 6 | 192.168.5.1 192.168.5.1 | - |
| DNS Domain Name | 15 | pharmax.local | - |
| Lease | 51 | 691200 | - |
Table 86 - IPv4 Scopes Options Information - 10.10.34.0
1.4.1.2.5.5 10.10.35.0 Scope Options Configuration
The following section provides a summary of the DHCP servers IPv4 Scope Server Options information.
| Name | Option Id | Value | Policy Name |
|---|---|---|---|
| Lease | 51 | 691200 | - |
| Router | 3 | 10.10.35.254 | - |
| DNS Domain Name | 15 | zenpr.local | - |
| DNS Servers | 6 | 192.168.5.1 192.168.5.1 | - |
| DNS Domain Name | 15 | pharmax.local | - |
| Lease | 51 | 691200 | - |
Table 87 - IPv4 Scopes Options Information - 10.10.35.0
1.4.1.2.5.6 192.168.2.0 Scope Options Configuration
The following section provides a summary of the DHCP servers IPv4 Scope Server Options information.
| Name | Option Id | Value | Policy Name |
|---|---|---|---|
| Router | 3 | 192.168.2.254 | - |
| DNS Domain Name | 15 | zenpr.local | - |
| DNS Domain Name | 15 | pharmax.local | - |
| Lease | 51 | 691200 | - |
Table 88 - IPv4 Scopes Options Information - 192.168.2.0
1.4.1.2.5.7 192.168.4.0 Scope Options Configuration
The following section provides a summary of the DHCP servers IPv4 Scope Server Options information.
| Name | Option Id | Value | Policy Name |
|---|---|---|---|
| DNS Domain Name | 15 | zenpr.local | - |
| Router | 3 | 192.168.4.254 | - |
| DNS Domain Name | 15 | pharmax.local | - |
| Lease | 51 | 691200 | - |
Table 89 - IPv4 Scopes Options Information - 192.168.4.0
1.4.1.2.5.8 192.168.6.0 Scope Options Configuration
The following section provides a summary of the DHCP servers IPv4 Scope Server Options information.
| Name | Option Id | Value | Policy Name |
|---|---|---|---|
| Router | 3 | 192.168.6.254 | - |
| DNS Domain Name | 15 | zenpr.local | - |
| DNS Domain Name | 15 | pharmax.local | - |
| Lease | 51 | 691200 | - |
Table 90 - IPv4 Scopes Options Information - 192.168.6.0
1.4.1.2.5.9 192.168.7.0 Scope Options Configuration
The following section provides a summary of the DHCP servers IPv4 Scope Server Options information.
| Name | Option Id | Value | Policy Name |
|---|---|---|---|
| Router | 3 | 192.168.7.254 | - |
| DNS Domain Name | 15 | zenpr.local | - |
| DNS Domain Name | 15 | pharmax.local | - |
| Lease | 51 | 4294967295 | - |
| Boot Server Host Name | 66 | 192.168.5.2 | - |
| Bootfile Name | 67 | snponly64.efi.vmw-hardwired | - |
| 81 | 23 | - |
Table 91 - IPv4 Scopes Options Information - 192.168.7.0
1.4.1.2.5.10 192.168.12.0 Scope Options Configuration
The following section provides a summary of the DHCP servers IPv4 Scope Server Options information.
| Name | Option Id | Value | Policy Name |
|---|---|---|---|
| Router | 3 | 192.168.12.254 | - |
| DNS Domain Name | 15 | zenpr.local | - |
| DNS Domain Name | 15 | pharmax.local | - |
| Lease | 51 | 691200 | - |
Table 92 - IPv4 Scopes Options Information - 192.168.12.0
1.4.1.3 ZENPR.LOCAL IPv6 Scope Configuration
The following section provides a IPv6 configuration summary of the Dynamic Host Configuration Protocol.
1.4.1.3.1 IPv6 Service Statistics
The following section provides a summary of the DHCP servers IPv6 Statistics information on ZENPR.LOCAL.
| DC Name | Total Scopes | Total Addresses | Addresses In Use | Addresses Available | Percentage In Use | Percentage Available |
|---|---|---|---|---|---|---|
| cayey-dc-01v | 0 | 0 | 0 | 0 | 0 | 0 |
| server-dc-01v-0 | - | - | - | - | 0 | 0 |
| server-dc-01v | 0 | 0 | 0 | 0 | 0 | 0 |
Table 93 - DHCP Server IPv6 Statistics Information - ZENPR.LOCAL
1.4.2 ACAD.ZENPR.LOCAL Domain DHCP Configuration
The following section provides a summary of the Dynamic Host Configuration Protocol.
1.4.2.1 DHCP Servers In Active Directory
The following section provides a summary of the DHCP servers information on ACAD.ZENPR.LOCAL.
| DC Name | IP Address | Domain Name | Domain Joined | Authorized | Conflict Detection Attempts |
|---|---|---|---|---|---|
| acade-dc-01v | 172.23.4.1 | acad.zenpr.local | Yes | Yes | 0 |
| acade-dc-01v | 172.23.4.1 | acad.pharmax.local | Yes | Yes | 0 |
Table 94 - DHCP Servers In Active Directory Information - ACAD.ZENPR.LOCAL
1.4.2.1.1 Service Database
The following section provides a summary of the DHCP servers service database information on ACAD.ZENPR.LOCAL.
| DC Name | File Path | Backup Path | Backup Interval | Logging Enabled |
|---|---|---|---|---|
| acade-dc-01v | C:\Windows\system32\dhcp\dhcp.mdb | C:\Windows\system32\dhcp\backup | 60 min | Yes |
Table 95 - DHCP Servers Database Information - ACAD.ZENPR.LOCAL
1.4.2.1.2 Dynamic DNS credentials
The following section provides a summary of the DHCP Servers Dynamic DNS registration credentials information on ACAD.ZENPR.LOCAL.
| DC Name | User Name | Domain Name |
|---|---|---|
| acade-dc-01v | - | - |
Table 96 - DHCP Servers Dynamic DNS Credentials Information - ACAD.ZENPR.LOCAL
1.4.2.2 IPv4 Scope Summary
The following section provides a IPv4 configuration summary of the Dynamic Host Configuration Protocol.
1.4.2.2.1 IPv4 Service Statistics
The following section provides a summary of the DHCP servers IPv4 Statistics information on ACAD.ZENPR.LOCAL.
| DC Name | Total Scopes | Total Addresses | Addresses In Use | Addresses Available | Percentage In Use | Percentage Available |
|---|---|---|---|---|---|---|
| acade-dc-01v | 1 | 233 | 0 | 233 | 0 | 100 |
Table 97 - DHCP Server IPv4 Statistics Information - ACAD.ZENPR.LOCAL
1.4.2.2.2 ACADE-DC-01V IPv4 Scopes
The following section provides a summary of the DHCP servers IPv4 Scope information.
| Scope Id | Scope Name | Scope Range | Lease Duration | State |
|---|---|---|---|---|
| 172.23.5.0/24 | Dept-B Clients | 172.23.5.10 - 172.23.5.253 | 1.00:00:00 | Active |
Table 98 - IPv4 Scopes Information - ACADE-DC-01V
1.4.2.2.2.1 ACADE-DC-01V IPv4 Scope Statistics
The following section provides a summary of the DHCP servers IPv4 Scope Statistics information.
| Scope Id | Free IP | In Use IP | Percentage In Use | Reserved IP |
|---|---|---|---|---|
| 172.23.5.0 | 233 | 0 | 0 | 0 |
Table 99 - IPv4 Scope Statistics Information - ACADE-DC-01V
1.4.2.2.2.2 ACADE-DC-01V IPv4 Network Interface Binding
The following section provides a summary of the IPv4 Network Interface binding.
| Interface Alias | IP Address | Subnet Mask | State |
|---|---|---|---|
| Ethernet0 | 172.23.4.1 | 255.255.255.0 | Enabled |
Table 100 - IPv4 Network Interface binding Information - ACADE-DC-01V
1.4.2.2.3 ACADE-DC-01V IPv4 Scope Server Options
The following section provides a summary of the DHCP servers IPv4 Scope Server Options information.
| Name | Option Id | Value | Policy Name |
|---|---|---|---|
| DNS Servers | 6 | 172.23.4.1 192.168.5.1 10.10.33.1 | - |
| DNS Domain Name | 15 | acad.zenpr.local | - |
| DNS Domain Name | 15 | acad.pharmax.local | - |
Table 101 - IPv4 Scopes Server Options Information - ACADE-DC-01V
1.4.2.2.3.1 Scope DNS Setting
The following section provides a summary of the DHCP servers IPv4 Scope DNS Setting information.
| Dynamic Updates | OnClientRequest |
|---|---|
| Dns Suffix | - |
| Disable Dns Ptr RR Update | No |
| Delete Dns RR On Lease Expiry | Yes |
Table 102 - IPv4 Scopes DNS Setting Information - acade-dc-01v
1.4.2.2.3.2 172.23.5.0 Scope Options Configuration
The following section provides a summary of the DHCP servers IPv4 Scope Server Options information.
| Name | Option Id | Value | Policy Name |
|---|---|---|---|
| Lease | 51 | 86400 | - |
| Router | 3 | 172.23.5.254 | - |
| Lease | 51 | 86400 | - |
Table 103 - IPv4 Scopes Options Information - 172.23.5.0
1.4.2.3 ACAD.ZENPR.LOCAL IPv6 Scope Configuration
The following section provides a IPv6 configuration summary of the Dynamic Host Configuration Protocol.
1.4.2.3.1 IPv6 Service Statistics
The following section provides a summary of the DHCP servers IPv6 Statistics information on ACAD.ZENPR.LOCAL.
| DC Name | Total Scopes | Total Addresses | Addresses In Use | Addresses Available | Percentage In Use | Percentage Available |
|---|---|---|---|---|---|---|
| acade-dc-01v | 1 | 18446744073709551614 | 3 | 18446744073709551611 | 0 | 100 |
| acade-dc-01v | 1 | 18446744073709551614 | 0 | 18446744073709551614 | 0 | 100 |
Table 104 - DHCP Server IPv6 Statistics Information - ACAD.ZENPR.LOCAL
1.4.2.3.2 ACADE-DC-01V IPv6 Scopes
The following section provides a summary of the DHCP servers IPv6 Scope Configuration.
| Scope Id | Scope Name | Lease Duration | State |
|---|---|---|---|
| fd99:9971::/64 | Dept-C Clients | 8.00:00:00 | Active |
Table 105 - IPv6 Scopes Information - ACADE-DC-01V
1.4.2.3.2.1 ACADE-DC-01V IPv6 Scope Statistics
The following section provides a summary of the DHCP servers IPv6 Scope Statistics information.
| Scope Id | Free IP | In Use IP | Percentage In Use | Reserved IP |
|---|---|---|---|---|
| fd99:9971:: | 18446744073709551611 | 3 | 0 | 0 |
Table 106 - IPv6 Scope Statistics Information - ACADE-DC-01V
1.4.2.3.2.2 ACADE-DC-01V IPv6 Network Interface Binding
The following section provides a summary of the IPv6 Network Interface Binding.
| Interface Alias | IP Address | State | ||
|---|---|---|---|---|
| Ethernet0 | fd99:9971::1 | Enabled | ||
| fd99:9971:: | 18446744073709551614 | 0 | 0 | 0 |
Table 107 - IPv6 Network Interface binding Information - ACADE-DC-01V
1.4.2.3.3 ACADE-DC-01V IPv6 Scope Server Options
The following section provides a summary of the DHCP servers IPv6 Scope Server Options information.
| Name | Option Id | Type | Value |
|---|---|---|---|
| Domain Search List | 24 | String | fd99:9971::1 |
Table 108 - IPv6 Scopes Server Options Information - ACADE-DC-01V
1.4.2.3.3.1 Scope DNS Settings
The following section provides a summary of the DHCP servers IPv6 Scope DNS Setting information.
| Dynamic Updates | OnClientRequest |
|---|---|
| Name Protection | No |
| Delete Dns RR On Lease Expiry | Yes |
Table 109 - IPv6 Scopes DNS Setting Information - acade-dc-01v
1.4.2.3.3.2 fd99:9971:: Scope Options
The following section provides a summary of the DHCP servers IPv6 Scope Server Options information.
| Name | Option Id | Type | Value |
|---|---|---|---|
| DNS Recursive Name Server IPv6 Address List | 23 | IPv6Address | fd99:9971::1 |
Table 110 - IPv6 Scopes Options Information - fd99:9971::
1.5 ZENPR.LOCAL Certificate Authority Summary
In cryptography, a certificate authority or certification authority (CA) is an entity that issues digital certificates. A digital certificate certifies the ownership of a public key by the named subject of the certificate. This allows others (relying parties) to rely upon signatures or on assertions made about the private key that corresponds to the certified public key. A CA acts as a trusted third party—trusted both by the subject (owner) of the certificate and by the party relying upon the certificate. The format of these certificates is specified by the X.509 or EMV standard.
| CA Name | Server Name | Type | Status |
|---|---|---|---|
| zenpr-SERVER-DC-01V-CA | SERVER-DC-01V | Enterprise Root CA | Running |
| acad-ACADE-DC-01V-CA | ACADE-DC-01V | Enterprise Subordinate CA | Running |
| zenpr-CAYEY-DC-01V-CA | CAYEY-DC-01V | Enterprise Subordinate CA | Running |
| pharmax-CAYEY-DC-01V-CA | CAYEY-DC-01V | Enterprise Subordinate CA | Running |
| pharmax-SERVER-DC-01V-CA | SERVER-DC-01V | Enterprise Root CA | Running |
Table 111 - Certification Authority Summary Information - ZENPR.LOCAL
1.5.1 ZENPR.LOCAL Enterprise Root Certificate Authority
The following section provides the of the DHCP servers IPv6 Scope Server Options information.
| CA Name | zenpr-SERVER-DC-01V-CA |
|---|---|
| CA Name | pharmax-SERVER-DC-01V-CA |
| Server Name | SERVER-DC-01V |
| Type | Enterprise Root CA |
| Config String | Server-DC-01V.zenpr.local\zenpr-SERVER-DC-01V-CA |
| Config String | Server-DC-01V.pharmax.local\pharmax-SERVER-DC-01V-CA |
| Operating System | Microsoft Windows Server 2019 Standard Evaluation |
| Certificate | [Subject] CN=pharmax-SERVER-DC-01V-CA, DC=pharmax, DC=local [Issuer] CN=pharmax-SERVER-DC-01V-CA, DC=pharmax, DC=local [Serial Number] 5D2E25D9AFFDE4904A05D70BEB7ACBD2 [Not Before] 1/25/2020 7:35:16 PM [Not After] 1/25/2025 7:45:15 PM [Thumbprint] 0F6D4D3B8C71290E76B6B6C0661275F6F37B9CE0 |
| Status | Running |
Table 144 - Enterprise Root CA - PHARMAX.LOCAL
1.5.2 Enterprise Subordinate Certificate Authority
The following section provides the Enterprise Subordinate CA information.
| CA Name | acad-ACADE-DC-01V-CA |
|---|---|
| Server Name | ACADE-DC-01V |
| Type | Enterprise Subordinate CA |
| Config String | acade-dc-01v.acad.pharmax.local\acad-ACADE-DC-01V-CA |
| Operating System | Microsoft Windows Server 2019 Standard Evaluation |
| Certificate | [Subject] CN=acad-ACADE-DC-01V-CA, DC=acad, DC=pharmax, DC=local [Issuer] CN=pharmax-SERVER-DC-01V-CA, DC=pharmax, DC=local [Serial Number] 61000000F5B20F8367F4837C6A0000000000F5 [Not Before] 9/22/2021 8:59:36 PM [Not After] 9/22/2023 9:09:36 PM [Thumbprint] 89532761827821E1B102CC8B86C529A6D2E92AC6 |
| Status | Running |
Table 145 - Enterprise Subordinate CA - acad-ACADE-DC-01V-CA
| CA Name | pharmax-CAYEY-DC-01V-CA |
|---|---|
| Server Name | CAYEY-DC-01V |
| Type | Enterprise Subordinate CA |
| Config String | cayey-dc-01v.pharmax.local\pharmax-CAYEY-DC-01V-CA |
| Operating System | Microsoft Windows Server 2019 Standard Evaluation |
| Certificate | [Subject] CN=zenpr-SERVER-DC-01V-CA, DC=zenpr, DC=local [Issuer] CN=zenpr-SERVER-DC-01V-CA, DC=zenpr, DC=local [Serial Number] 5D2E25D9AFFDE4904A05D70BEB7ACBD2 [Not Before] 1/25/2020 7:35:16 PM [Not After] 1/25/2025 7:45:15 PM [Thumbprint] 0F6D4D3B8C71290E76B6B6C0661275F6F37B9CE0 |
| Certificate | [Subject] CN=pharmax-CAYEY-DC-01V-CA, DC=pharmax, DC=local [Issuer] CN=pharmax-SERVER-DC-01V-CA, DC=pharmax, DC=local [Serial Number] 61000000F60DE0C8AB312FB51E0000000000F6 [Not Before] 10/4/2021 10:33:08 AM [Not After] 10/4/2023 10:43:08 AM [Thumbprint] CB2AC03DDA5A793DACAFC1EDC048CB1123D94B4B |
| Status | Running |
Table 112 - Certification Authority Summary Information - ZENPR.LOCAL
Table 146 - Enterprise Subordinate CA - pharmax-CAYEY-DC-01V-CA
+
1.5.3 Certificate Validity Period
The following section provides the Certification Authority Certificate Validity Period information.
| CA Name | Server Name | Validity Period |
|---|---|---|
| acad-ACADE-DC-01V-CA | ACADE-DC-01V | 2 Years |
| pharmax-CAYEY-DC-01V-CA | CAYEY-DC-01V | 2 Years |
| pharmax-SERVER-DC-01V-CA | SERVER-DC-01V | 2 Years |
Table 147 - Certificate Validity Period - PHARMAX.LOCAL
1.5.3.1 Access Control List (ACL) Summary
| DC Name | Owner | Group |
|---|---|---|
| acad-ACADE-DC-01V-CA | BUILTIN\Administrators | BUILTIN\Administrators |
| pharmax-CAYEY-DC-01V-CA | BUILTIN\Administrators | BUILTIN\Administrators |
| pharmax-SERVER-DC-01V-CA | BUILTIN\Administrators | BUILTIN\Administrators |
Table 148 - Access Control List - PHARMAX.LOCAL
1.5.3.1.1 pharmax-SERVER-DC-01V-CA Rights
| Identity | Access Control Type | Rights |
|---|---|---|
| BUILTIN\Administrators | Allow | ManageCA, ManageCertificates |
| NT AUTHORITY\Authenticated Users | Allow | Enroll |
| PHARMAX\Domain Admins | Allow | ManageCA, ManageCertificates |
| PHARMAX\Enterprise Admins | Allow | ManageCA, ManageCertificates |
| PHARMAX\jocolon | Allow | ManageCA, ManageCertificates, Read, Enroll |
Table 149 - ACL Rights - pharmax-SERVER-DC-01V-CA
1.5.3.1.2 acad-ACADE-DC-01V-CA Rights
| Identity | Access Control Type | Rights |
|---|---|---|
| ACAD\Domain Admins | Allow | ManageCA, ManageCertificates |
| BUILTIN\Administrators | Allow | ManageCA, ManageCertificates |
| NT AUTHORITY\Authenticated Users | Allow | Enroll |
| PHARMAX\Enterprise Admins | Allow | ManageCA, ManageCertificates |
Table 150 - ACL Rights - acad-ACADE-DC-01V-CA
1.5.3.1.3 pharmax-CAYEY-DC-01V-CA Rights
| Identity | Access Control Type | Rights |
|---|---|---|
| BUILTIN\Administrators | Allow | ManageCA, ManageCertificates |
| NT AUTHORITY\Authenticated Users | Allow | Enroll |
| PHARMAX\Domain Admins | Allow | ManageCA, ManageCertificates |
| PHARMAX\Enterprise Admins | Allow | ManageCA, ManageCertificates |
Table 151 - ACL Rights - pharmax-CAYEY-DC-01V-CA
1.5.4 Cryptography Configuration
The following section provides the Certification Authority Cryptography Configuration information.
| CA Name | pharmax-SERVER-DC-01V-CA |
|---|---|
| Server Name | SERVER-DC-01V |
| PublicKey Algorithm | RSA |
| Hashing Algorithm | SHA256 |
| Provider Name | Microsoft Software Key Storage Provider |
| Alternate Signature Algorithm | No |
| Provider Is CNG | Yes |
Table 152 - Cryptography Configuration - PHARMAX.LOCAL
| CA Name | acad-ACADE-DC-01V-CA |
|---|---|
| Server Name | ACADE-DC-01V |
| PublicKey Algorithm | RSA |
| Hashing Algorithm | SHA256 |
| Provider Name | Microsoft Software Key Storage Provider |
| Alternate Signature Algorithm | No |
| Provider Is CNG | Yes |
Table 153 - Cryptography Configuration - PHARMAX.LOCAL
| CA Name | pharmax-CAYEY-DC-01V-CA |
|---|---|
| Server Name | CAYEY-DC-01V |
| PublicKey Algorithm | RSA |
| Hashing Algorithm | SHA256 |
| Provider Name | Microsoft Software Key Storage Provider |
| Alternate Signature Algorithm | No |
| Provider Is CNG | Yes |
Table 154 - Cryptography Configuration - PHARMAX.LOCAL
1.5.5 Authority Information Access (AIA) Summary
The following section provides the Certification Authority Authority Information Access information.
1.5.5.1 pharmax-SERVER-DC-01V-CA
| Reg URI | 1:C:\Windows\system32\CertSrv\CertEnroll\%1_%3%4.crt |
|---|---|
| Config URI | 1:C:\Windows\system32\CertSrv\CertEnroll\<ServerDNSName>_<CaName><CertificateName>.crt |
| Flags | 1 |
| Server Publish | Yes |
| Include To Extension | No |
| OCSP | No |
Table 155 - Authority Information Access - pharmax-SERVER-DC-01V-CA
| Reg URI | 3:ldap:///CN=%7,CN=AIA,CN=Public Key Services,CN=Services,%6%11 |
|---|---|
| Config URI | 3:ldap:///CN=<CATruncatedName>,CN=AIA,CN=Public Key Services,CN=Services,<ConfigurationContainer><CAObjectClass> |
| Flags | 1, 2 |
| Server Publish | Yes |
| Include To Extension | Yes |
| OCSP | No |
Table 156 - Authority Information Access - pharmax-SERVER-DC-01V-CA
| Reg URI | 0:http://%1/CertEnroll/%1_%3%4.crt |
|---|---|
| Config URI | 0:http://<ServerDNSName>/CertEnroll/<ServerDNSName>_<CaName><CertificateName>.crt |
| Flags | - |
| Server Publish | No |
| Include To Extension | No |
| OCSP | No |
Table 157 - Authority Information Access - pharmax-SERVER-DC-01V-CA
| Reg URI | 0:file://%1/CertEnroll/%1_%3%4.crt |
|---|---|
| Config URI | 0:file://<ServerDNSName>/CertEnroll/<ServerDNSName>_<CaName><CertificateName>.crt |
| Flags | - |
| Server Publish | No |
| Include To Extension | No |
| OCSP | No |
Table 158 - Authority Information Access - pharmax-SERVER-DC-01V-CA
| Reg URI | 2:http://acade-dc-01v.acad.pharmax.local/CertData/%1_%3%4.crt |
|---|---|
| Config URI | 2:http://acade-dc-01v.acad.pharmax.local/CertData/<ServerDNSName>_<CaName><CertificateName>.crt |
| Flags | 2 |
| Server Publish | No |
| Include To Extension | Yes |
| OCSP | No |
Table 159 - Authority Information Access - pharmax-SERVER-DC-01V-CA
1.5.5.2 acad-ACADE-DC-01V-CA
| Reg URI | 1:C:\Windows\system32\CertSrv\CertEnroll\%1_%3%4.crt |
|---|---|
| Config URI | 1:C:\Windows\system32\CertSrv\CertEnroll\<ServerDNSName>_<CaName><CertificateName>.crt |
| Flags | 1 |
| Server Publish | Yes |
| Include To Extension | No |
| OCSP | No |
Table 160 - Authority Information Access - acad-ACADE-DC-01V-CA
| Reg URI | 3:ldap:///CN=%7,CN=AIA,CN=Public Key Services,CN=Services,%6%11 |
|---|---|
| Config URI | 3:ldap:///CN=<CATruncatedName>,CN=AIA,CN=Public Key Services,CN=Services,<ConfigurationContainer><CAObjectClass> |
| Flags | 1, 2 |
| Server Publish | Yes |
| Include To Extension | Yes |
| OCSP | No |
Table 161 - Authority Information Access - acad-ACADE-DC-01V-CA
| Reg URI | 0:http://%1/CertEnroll/%1_%3%4.crt |
|---|---|
| Config URI | 0:http://<ServerDNSName>/CertEnroll/<ServerDNSName>_<CaName><CertificateName>.crt |
| Flags | - |
| Server Publish | No |
| Include To Extension | No |
| OCSP | No |
Table 162 - Authority Information Access - acad-ACADE-DC-01V-CA
| Reg URI | 0:file://%1/CertEnroll/%1_%3%4.crt |
|---|---|
| Config URI | 0:file://<ServerDNSName>/CertEnroll/<ServerDNSName>_<CaName><CertificateName>.crt |
| Flags | - |
| Server Publish | No |
| Include To Extension | No |
| OCSP | No |
Table 163 - Authority Information Access - acad-ACADE-DC-01V-CA
| Reg URI | 2:http://acade-dc-01v.acad.pharmax.local/CertEnroll/%1_%3%4.crt |
|---|---|
| Config URI | 2:http://acade-dc-01v.acad.pharmax.local/CertEnroll/<ServerDNSName>_<CaName><CertificateName>.crt |
| Flags | 2 |
| Server Publish | No |
| Include To Extension | Yes |
| OCSP | No |
Table 164 - Authority Information Access - acad-ACADE-DC-01V-CA
| Reg URI | 32:http://acade-dc-01v.acad.pharmax.local/ocsp |
|---|---|
| Config URI | 32:http://acade-dc-01v.acad.pharmax.local/ocsp |
| Flags | 32 |
| Server Publish | No |
| Include To Extension | No |
| OCSP | Yes |
Table 165 - Authority Information Access - acad-ACADE-DC-01V-CA
1.5.5.3 pharmax-CAYEY-DC-01V-CA
| Reg URI | 1:C:\Windows\system32\CertSrv\CertEnroll\%1_%3%4.crt |
|---|---|
| Config URI | 1:C:\Windows\system32\CertSrv\CertEnroll\<ServerDNSName>_<CaName><CertificateName>.crt |
| Flags | 1 |
| Server Publish | Yes |
| Include To Extension | No |
| OCSP | No |
Table 166 - Authority Information Access - pharmax-CAYEY-DC-01V-CA
| Reg URI | 3:ldap:///CN=%7,CN=AIA,CN=Public Key Services,CN=Services,%6%11 |
|---|---|
| Config URI | 3:ldap:///CN=<CATruncatedName>,CN=AIA,CN=Public Key Services,CN=Services,<ConfigurationContainer><CAObjectClass> |
| Flags | 1, 2 |
| Server Publish | Yes |
| Include To Extension | Yes |
| OCSP | No |
Table 167 - Authority Information Access - pharmax-CAYEY-DC-01V-CA
| Reg URI | 0:http://%1/CertEnroll/%1_%3%4.crt |
|---|---|
| Config URI | 0:http://<ServerDNSName>/CertEnroll/<ServerDNSName>_<CaName><CertificateName>.crt |
| Flags | - |
| Server Publish | No |
| Include To Extension | No |
| OCSP | No |
Table 168 - Authority Information Access - pharmax-CAYEY-DC-01V-CA
| Reg URI | 0:file://%1/CertEnroll/%1_%3%4.crt |
|---|---|
| Config URI | 0:file://<ServerDNSName>/CertEnroll/<ServerDNSName>_<CaName><CertificateName>.crt |
| Flags | - |
| Server Publish | No |
| Include To Extension | No |
| OCSP | No |
Table 169 - Authority Information Access - pharmax-CAYEY-DC-01V-CA
1.5.6 Certificate Revocation List (CRL) Configuration
The following section provides the Certification Authority CRL Distribution Point information.
1.5.6.1 CRL Validity Period
| CA Name | Base CRL | Base CRL Overlap | Delta CRL | Delta CRL Overlap |
|---|---|---|---|---|
| acad-ACADE-DC-01V-CA | 1 Weeks | 0 Hours | 1 Days | 0 Minutes |
| pharmax-CAYEY-DC-01V-CA | 1 Weeks | 0 Hours | 1 Days | 0 Minutes |
| pharmax-SERVER-DC-01V-CA | 50 Weeks | 0 Hours | 0 Days | 0 Minutes |
Table 170 - CRL Validity Preriod - PHARMAX.LOCAL
1.5.6.2 CRL Flags Settings
| CA Name | Server Name | CRL Flags |
|---|---|---|
| acad-ACADE-DC-01V-CA | ACADE-DC-01V | DeleteExpiredCRLs |
| pharmax-CAYEY-DC-01V-CA | CAYEY-DC-01V | DeleteExpiredCRLs |
| pharmax-SERVER-DC-01V-CA | SERVER-DC-01V | DeleteExpiredCRLs |
Table 171 - CRL Flags - PHARMAX.LOCAL
1.5.6.3 CRL Distribution Point
The following section provides the Certification Authority CRL Distribution Point information.
1.5.6.3.1 pharmax-SERVER-DC-01V-CA
| Reg URI | 65:C:\Windows\system32\CertSrv\CertEnroll\%3%8%9.crl |
|---|---|
| Config URI | 65:C:\Windows\system32\CertSrv\CertEnroll\<CaName><CRLNameSuffix><DeltaCRLAllowed>.crl |
| Url Scheme | Unknown |
| ProjectedURI | 65:C:\Windows\system32\CertSrv\CertEnroll\pharmax-SERVER-DC-01V-CA.crl 65:C:\Windows\system32\CertSrv\CertEnroll\pharmax-SERVER-DC-01V-CA+.crl |
| Flags | 1, 64 |
| CRL Publish | - |
| Delta CRL Publish | Yes |
| Add To Cert CDP | No |
| Add To Fresh est CRL | No |
| Add To Crl cdp | No |
Table 172 - CRL Distribution Point - pharmax-SERVER-DC-01V-CA
| Reg URI | 79:ldap:///CN=%7%8,CN=%2,CN=CDP,CN=Public Key Services,CN=Services,%6%10 |
|---|---|
| Config URI | 79:ldap:///CN=<CATruncatedName><CRLNameSuffix>,CN=<ServerShortName>,CN=CDP,CN=Public Key Services,CN=Services,<ConfigurationContainer><CDPObjectClass> |
| Url Scheme | LDAP |
| ProjectedURI | 79:ldap:///CN=pharmax-SERVER-DC-01V-CA,CN=Server-DC-01V,CN=CDP,CN=Public Key Services,CN=Services,CN=Configuration,DC=pharmax,DC=local?certificateRevocationList?base?objectClass=cRLDistributionPoint |
| Flags | 1, 2, 4, 8, 64 |
| CRL Publish | - |
| Delta CRL Publish | Yes |
| Add To Cert CDP | Yes |
| Add To Fresh est CRL | Yes |
| Add To Crl cdp | Yes |
Table 173 - CRL Distribution Point - pharmax-SERVER-DC-01V-CA
| Reg URI | 0:http://%1/CertEnroll/%3%8%9.crl |
|---|---|
| Config URI | 0:http://<ServerDNSName>/CertEnroll/<CaName><CRLNameSuffix><DeltaCRLAllowed>.crl |
| Url Scheme | HTTP |
| ProjectedURI | 0:http:///CertEnroll/pharmax-SERVER-DC-01V-CA.crl 0:http:///CertEnroll/pharmax-SERVER-DC-01V-CA+.crl |
| Flags | - |
| CRL Publish | - |
| Delta CRL Publish | No |
| Add To Cert CDP | No |
| Add To Fresh est CRL | No |
| Add To Crl cdp | No |
Table 174 - CRL Distribution Point - pharmax-SERVER-DC-01V-CA
| Reg URI | 0:file://%1/CertEnroll/%3%8%9.crl |
|---|---|
| Config URI | 0:file://<ServerDNSName>/CertEnroll/<CaName><CRLNameSuffix><DeltaCRLAllowed>.crl |
| Url Scheme | UNC |
| ProjectedURI | 0:file:///CertEnroll/pharmax-SERVER-DC-01V-CA.crl 0:file:///CertEnroll/pharmax-SERVER-DC-01V-CA+.crl |
| Flags | - |
| CRL Publish | - |
| Delta CRL Publish | No |
| Add To Cert CDP | No |
| Add To Fresh est CRL | No |
| Add To Crl cdp | No |
Table 175 - CRL Distribution Point - pharmax-SERVER-DC-01V-CA
| Reg URI | 6:http://acade-dc-01v.acad.pharmax.local/CertData/%3%8%9.crl |
|---|---|
| Config URI | 6:http://acade-dc-01v.acad.pharmax.local/CertData/<CaName><CRLNameSuffix><DeltaCRLAllowed>.crl |
| Url Scheme | HTTP |
| ProjectedURI | 6:http://acade-dc-01v.acad.pharmax.local/CertData/pharmax-SERVER-DC-01V-CA.crl 6:http://acade-dc-01v.acad.pharmax.local/CertData/pharmax-SERVER-DC-01V-CA+.crl |
| Flags | 2, 4 |
| CRL Publish | - |
| Delta CRL Publish | No |
| Add To Cert CDP | Yes |
| Add To Fresh est CRL | Yes |
| Add To Crl cdp | No |
Table 176 - CRL Distribution Point - pharmax-SERVER-DC-01V-CA
1.5.6.3.2 acad-ACADE-DC-01V-CA
| Reg URI | 65:C:\Windows\system32\CertSrv\CertEnroll\%3%8%9.crl |
|---|---|
| Config URI | 65:C:\Windows\system32\CertSrv\CertEnroll\<CaName><CRLNameSuffix><DeltaCRLAllowed>.crl |
| Url Scheme | Unknown |
| ProjectedURI | 65:C:\Windows\system32\CertSrv\CertEnroll\acad-ACADE-DC-01V-CA.crl 65:C:\Windows\system32\CertSrv\CertEnroll\acad-ACADE-DC-01V-CA+.crl |
| Flags | 1, 64 |
| CRL Publish | - |
| Delta CRL Publish | Yes |
| Add To Cert CDP | No |
| Add To Fresh est CRL | No |
| Add To Crl cdp | No |
Table 177 - CRL Distribution Point - acad-ACADE-DC-01V-CA
| Reg URI | 79:ldap:///CN=%7%8,CN=%2,CN=CDP,CN=Public Key Services,CN=Services,%6%10 |
|---|---|
| Config URI | 79:ldap:///CN=<CATruncatedName><CRLNameSuffix>,CN=<ServerShortName>,CN=CDP,CN=Public Key Services,CN=Services,<ConfigurationContainer><CDPObjectClass> |
| Url Scheme | LDAP |
| ProjectedURI | 79:ldap:///CN=acad-ACADE-DC-01V-CA,CN=acade-dc-01v,CN=CDP,CN=Public Key Services,CN=Services,CN=Configuration,DC=pharmax,DC=local?certificateRevocationList?base?objectClass=cRLDistributionPoint |
| Flags | 1, 2, 4, 8, 64 |
| CRL Publish | - |
| Delta CRL Publish | Yes |
| Add To Cert CDP | Yes |
| Add To Fresh est CRL | Yes |
| Add To Crl cdp | Yes |
Table 178 - CRL Distribution Point - acad-ACADE-DC-01V-CA
| Reg URI | 0:http://%1/CertEnroll/%3%8%9.crl |
|---|---|
| Config URI | 0:http://<ServerDNSName>/CertEnroll/<CaName><CRLNameSuffix><DeltaCRLAllowed>.crl |
| Url Scheme | HTTP |
| ProjectedURI | 0:http:///CertEnroll/acad-ACADE-DC-01V-CA.crl 0:http:///CertEnroll/acad-ACADE-DC-01V-CA+.crl |
| Flags | - |
| CRL Publish | - |
| Delta CRL Publish | No |
| Add To Cert CDP | No |
| Add To Fresh est CRL | No |
| Add To Crl cdp | No |
Table 179 - CRL Distribution Point - acad-ACADE-DC-01V-CA
| Reg URI | 0:file://%1/CertEnroll/%3%8%9.crl |
|---|---|
| Config URI | 0:file://<ServerDNSName>/CertEnroll/<CaName><CRLNameSuffix><DeltaCRLAllowed>.crl |
| Url Scheme | UNC |
| ProjectedURI | 0:file:///CertEnroll/acad-ACADE-DC-01V-CA.crl 0:file:///CertEnroll/acad-ACADE-DC-01V-CA+.crl |
| Flags | - |
| CRL Publish | - |
| Delta CRL Publish | No |
| Add To Cert CDP | No |
| Add To Fresh est CRL | No |
| Add To Crl cdp | No |
Table 180 - CRL Distribution Point - acad-ACADE-DC-01V-CA
| Reg URI | 6:http://acade-dc-01v.acad.pharmax.local/CertEnroll/%3%8%9.crl |
|---|---|
| Config URI | 6:http://acade-dc-01v.acad.pharmax.local/CertEnroll/<CaName><CRLNameSuffix><DeltaCRLAllowed>.crl |
| Url Scheme | HTTP |
| ProjectedURI | 6:http://acade-dc-01v.acad.pharmax.local/CertEnroll/acad-ACADE-DC-01V-CA.crl 6:http://acade-dc-01v.acad.pharmax.local/CertEnroll/acad-ACADE-DC-01V-CA+.crl |
| Flags | 2, 4 |
| CRL Publish | - |
| Delta CRL Publish | No |
| Add To Cert CDP | Yes |
| Add To Fresh est CRL | Yes |
| Add To Crl cdp | No |
Table 181 - CRL Distribution Point - acad-ACADE-DC-01V-CA
1.5.6.3.3 pharmax-CAYEY-DC-01V-CA
| Reg URI | 65:C:\Windows\system32\CertSrv\CertEnroll\%3%8%9.crl |
|---|---|
| Config URI | 65:C:\Windows\system32\CertSrv\CertEnroll\<CaName><CRLNameSuffix><DeltaCRLAllowed>.crl |
| Url Scheme | Unknown |
| ProjectedURI | 65:C:\Windows\system32\CertSrv\CertEnroll\pharmax-CAYEY-DC-01V-CA.crl 65:C:\Windows\system32\CertSrv\CertEnroll\pharmax-CAYEY-DC-01V-CA+.crl |
| Flags | 1, 64 |
| CRL Publish | - |
| Delta CRL Publish | Yes |
| Add To Cert CDP | No |
| Add To Fresh est CRL | No |
| Add To Crl cdp | No |
Table 182 - CRL Distribution Point - pharmax-CAYEY-DC-01V-CA
| Reg URI | 79:ldap:///CN=%7%8,CN=%2,CN=CDP,CN=Public Key Services,CN=Services,%6%10 |
|---|---|
| Config URI | 79:ldap:///CN=<CATruncatedName><CRLNameSuffix>,CN=<ServerShortName>,CN=CDP,CN=Public Key Services,CN=Services,<ConfigurationContainer><CDPObjectClass> |
| Url Scheme | LDAP |
| ProjectedURI | 79:ldap:///CN=pharmax-CAYEY-DC-01V-CA,CN=cayey-dc-01v,CN=CDP,CN=Public Key Services,CN=Services,CN=Configuration,DC=pharmax,DC=local?certificateRevocationList?base?objectClass=cRLDistributionPoint |
| Flags | 1, 2, 4, 8, 64 |
| CRL Publish | - |
| Delta CRL Publish | Yes |
| Add To Cert CDP | Yes |
| Add To Fresh est CRL | Yes |
| Add To Crl cdp | Yes |
Table 183 - CRL Distribution Point - pharmax-CAYEY-DC-01V-CA
| Reg URI | 0:http://%1/CertEnroll/%3%8%9.crl |
|---|---|
| Config URI | 0:http://<ServerDNSName>/CertEnroll/<CaName><CRLNameSuffix><DeltaCRLAllowed>.crl |
| Url Scheme | HTTP |
| ProjectedURI | 0:http:///CertEnroll/pharmax-CAYEY-DC-01V-CA.crl 0:http:///CertEnroll/pharmax-CAYEY-DC-01V-CA+.crl |
| Flags | - |
| CRL Publish | - |
| Delta CRL Publish | No |
| Add To Cert CDP | No |
| Add To Fresh est CRL | No |
| Add To Crl cdp | No |
Table 184 - CRL Distribution Point - pharmax-CAYEY-DC-01V-CA
| Reg URI | 0:file://%1/CertEnroll/%3%8%9.crl |
|---|---|
| Config URI | 0:file://<ServerDNSName>/CertEnroll/<CaName><CRLNameSuffix><DeltaCRLAllowed>.crl |
| Url Scheme | UNC |
| ProjectedURI | 0:file:///CertEnroll/pharmax-CAYEY-DC-01V-CA.crl 0:file:///CertEnroll/pharmax-CAYEY-DC-01V-CA+.crl |
| Flags | - |
| CRL Publish | - |
| Delta CRL Publish | No |
| Add To Cert CDP | No |
| Add To Fresh est CRL | No |
| Add To Crl cdp | No |
Table 185 - CRL Distribution Point - pharmax-CAYEY-DC-01V-CA
1.5.7 AIA and CDP Health Status
The following section is intended to perform Certification Authority health status checking by CA certificate chain status and validating all CRL Distribution Point (CDP) and Authority Information Access (AIA) URLs for each certificate in the chain.
| CA Name | Childs | Health |
|---|---|---|
| acad-ACADE-DC-01V-CA | acad-ACADE-DC-01V-CA pharmax-SERVER-DC-01V-CA | Error |
| pharmax-CAYEY-DC-01V-CA | pharmax-CAYEY-DC-01V-CA pharmax-SERVER-DC-01V-CA | Ok |
| pharmax-SERVER-DC-01V-CA | pharmax-SERVER-DC-01V-CA | Ok |
Table 186 - Certification Authority Health - PHARMAX.LOCAL
1.5.8 Certificate Template Summary
The following section provides the certificate templates that are assigned to a specified Certification Authority (CA). CA server can issue certificates only based on assigned templates.
1.5.8.1 pharmax-SERVER-DC-01V-CA Certificate Template
| Template Name | Schema Version | Supported CA | Autoenrollment |
|---|---|---|---|
| Administrator | 1 | Windows 2000 Server | No |
| Basic EFS | 1 | Windows 2000 Server | No |
| Computer | 1 | Windows 2000 Server | No |
| ConfigMgr Client Distribution | 2 | Windows Server 2003 Enterprise Edition | Yes |
| Directory Email Replication | 2 | Windows Server 2003 Enterprise Edition | Yes |
| Domain Controller | 1 | Windows 2000 Server | No |
| Domain Controller Authentication | 2 | Windows Server 2003 Enterprise Edition | Yes |
| EFS Recovery Agent | 1 | Windows 2000 Server | No |
| Kerberos Authentication | 2 | Windows Server 2003 Enterprise Edition | Yes |
| Pharmax Key Recovery Agent | 2 | Windows Server 2003 Enterprise Edition | Yes |
| Pharmax Labs Key Archive | 2 | Windows Server 2003 Enterprise Edition | Yes |
| Pharmax Web Server | 2 | Windows Server 2003 Enterprise Edition | No |
| Pharmax Workstation Authentication | 2 | Windows Server 2003 Enterprise Edition | Yes |
| Subordinate Certification Authority | 1 | Windows 2000 Server | No |
| User | 1 | Windows 2000 Server | No |
| Web Server | 1 | Windows 2000 Server | No |
| Web Server - ADFS | 2 | Windows Server 2003 Enterprise Edition | No |
| Web Server - Horizon | 2 | Windows Server 2003 Enterprise Edition | No |
| Web Server - Parallel | 2 | Windows Server 2003 Enterprise Edition | No |
| Web Server - WSUS SSL | 2 | Windows Server 2003 Enterprise Edition | No |
Table 187 - Issued Certificate Template - pharmax-SERVER-DC-01V-CA
1.5.8.2 Certificate Template In Active Directory
The following section provides registered certificate templates from Active Directory.
| Template Name | Schema Version | Supported CA | Autoenrollment |
|---|---|---|---|
| Administrator | 1 | Windows 2000 Server | No |
| Authenticated Session | 1 | Windows 2000 Server | No |
| Basic EFS | 1 | Windows 2000 Server | No |
| CA Exchange | 2 | Windows Server 2003 Enterprise Edition | No |
| CEP Encryption | 1 | Windows 2000 Server | No |
| Code Signing | 1 | Windows 2000 Server | No |
| Computer | 1 | Windows 2000 Server | No |
| ConfigMgr Client Distribution | 2 | Windows Server 2003 Enterprise Edition | Yes |
| Cross Certification Authority | 2 | Windows Server 2003 Enterprise Edition | No |
| Directory Email Replication | 2 | Windows Server 2003 Enterprise Edition | Yes |
| Domain Controller | 1 | Windows 2000 Server | No |
| Domain Controller Authentication | 2 | Windows Server 2003 Enterprise Edition | Yes |
| EFS Recovery Agent | 1 | Windows 2000 Server | No |
| Enrollment Agent | 1 | Windows 2000 Server | No |
| Enrollment Agent (Computer) | 1 | Windows 2000 Server | No |
| Exchange Enrollment Agent (Offline request) | 1 | Windows 2000 Server | No |
| Exchange Signature Only | 1 | Windows 2000 Server | No |
| Exchange User | 1 | Windows 2000 Server | No |
| IPSec | 1 | Windows 2000 Server | No |
| IPSec (Offline request) | 1 | Windows 2000 Server | No |
| Kerberos Authentication | 2 | Windows Server 2003 Enterprise Edition | Yes |
| Key Recovery Agent | 2 | Windows Server 2003 Enterprise Edition | Yes |
| OCSP Response Signing | 3 | Windows Server 2008 Enterprise Edition | No |
| Pharmax Key Recovery Agent | 2 | Windows Server 2003 Enterprise Edition | Yes |
| Pharmax Labs Key Archive | 2 | Windows Server 2003 Enterprise Edition | Yes |
| Pharmax Web Server | 2 | Windows Server 2003 Enterprise Edition | No |
| Pharmax Workstation Authentication | 2 | Windows Server 2003 Enterprise Edition | Yes |
| RAS and IAS Server | 2 | Windows Server 2003 Enterprise Edition | Yes |
| Root Certification Authority | 1 | Windows 2000 Server | No |
| Router (Offline request) | 1 | Windows 2000 Server | No |
| Smartcard Logon | 1 | Windows 2000 Server | No |
| Smartcard User | 1 | Windows 2000 Server | No |
| Subordinate Certification Authority | 1 | Windows 2000 Server | No |
| Trust List Signing | 1 | Windows 2000 Server | No |
| User | 1 | Windows 2000 Server | No |
| User Signature Only | 1 | Windows 2000 Server | No |
| Web Server | 1 | Windows 2000 Server | No |
| Web Server - ADFS | 2 | Windows Server 2003 Enterprise Edition | No |
| Web Server - Horizon | 2 | Windows Server 2003 Enterprise Edition | No |
| Web Server - Parallel | 2 | Windows Server 2003 Enterprise Edition | No |
| Web Server - WSUS SSL | 2 | Windows Server 2003 Enterprise Edition | No |
| Workstation Authentication | 2 | Windows Server 2003 Enterprise Edition | Yes |
Table 188 - Certificate Template in AD - PHARMAX.LOCAL
1.5.9 Certificate Template Summary
The following section provides the certificate templates that are assigned to a specified Certification Authority (CA). CA server can issue certificates only based on assigned templates.
1.5.9.1 acad-ACADE-DC-01V-CA Certificate Template
| Template Name | Schema Version | Supported CA | Autoenrollment |
|---|---|---|---|
| Administrator | 1 | Windows 2000 Server | No |
| Basic EFS | 1 | Windows 2000 Server | No |
| Computer | 1 | Windows 2000 Server | No |
| Directory Email Replication | 2 | Windows Server 2003 Enterprise Edition | Yes |
| Domain Controller | 1 | Windows 2000 Server | No |
| Domain Controller Authentication | 2 | Windows Server 2003 Enterprise Edition | Yes |
| EFS Recovery Agent | 1 | Windows 2000 Server | No |
| Kerberos Authentication | 2 | Windows Server 2003 Enterprise Edition | Yes |
| Pharmax Workstation Authentication | 2 | Windows Server 2003 Enterprise Edition | Yes |
| Subordinate Certification Authority | 1 | Windows 2000 Server | No |
| User | 1 | Windows 2000 Server | No |
| Web Server | 1 | Windows 2000 Server | No |
Table 189 - Issued Certificate Template - acad-ACADE-DC-01V-CA
1.5.9.2 Certificate Template In Active Directory
The following section provides registered certificate templates from Active Directory.
| Template Name | Schema Version | Supported CA | Autoenrollment |
|---|---|---|---|
| Administrator | 1 | Windows 2000 Server | No |
| Authenticated Session | 1 | Windows 2000 Server | No |
| Basic EFS | 1 | Windows 2000 Server | No |
| CA Exchange | 2 | Windows Server 2003 Enterprise Edition | No |
| CEP Encryption | 1 | Windows 2000 Server | No |
| Code Signing | 1 | Windows 2000 Server | No |
| Computer | 1 | Windows 2000 Server | No |
| ConfigMgr Client Distribution | 2 | Windows Server 2003 Enterprise Edition | Yes |
| Cross Certification Authority | 2 | Windows Server 2003 Enterprise Edition | No |
| Directory Email Replication | 2 | Windows Server 2003 Enterprise Edition | Yes |
| Domain Controller | 1 | Windows 2000 Server | No |
| Domain Controller Authentication | 2 | Windows Server 2003 Enterprise Edition | Yes |
| EFS Recovery Agent | 1 | Windows 2000 Server | No |
| Enrollment Agent | 1 | Windows 2000 Server | No |
| Enrollment Agent (Computer) | 1 | Windows 2000 Server | No |
| Exchange Enrollment Agent (Offline request) | 1 | Windows 2000 Server | No |
| Exchange Signature Only | 1 | Windows 2000 Server | No |
| Exchange User | 1 | Windows 2000 Server | No |
| IPSec | 1 | Windows 2000 Server | No |
| IPSec (Offline request) | 1 | Windows 2000 Server | No |
| Kerberos Authentication | 2 | Windows Server 2003 Enterprise Edition | Yes |
| Key Recovery Agent | 2 | Windows Server 2003 Enterprise Edition | Yes |
| OCSP Response Signing | 3 | Windows Server 2008 Enterprise Edition | No |
| Pharmax Key Recovery Agent | 2 | Windows Server 2003 Enterprise Edition | Yes |
| Pharmax Labs Key Archive | 2 | Windows Server 2003 Enterprise Edition | Yes |
| Pharmax Web Server | 2 | Windows Server 2003 Enterprise Edition | No |
| Pharmax Workstation Authentication | 2 | Windows Server 2003 Enterprise Edition | Yes |
| RAS and IAS Server | 2 | Windows Server 2003 Enterprise Edition | Yes |
| Root Certification Authority | 1 | Windows 2000 Server | No |
| Router (Offline request) | 1 | Windows 2000 Server | No |
| Smartcard Logon | 1 | Windows 2000 Server | No |
| Smartcard User | 1 | Windows 2000 Server | No |
| Subordinate Certification Authority | 1 | Windows 2000 Server | No |
| Trust List Signing | 1 | Windows 2000 Server | No |
| User | 1 | Windows 2000 Server | No |
| User Signature Only | 1 | Windows 2000 Server | No |
| Web Server | 1 | Windows 2000 Server | No |
| Web Server - ADFS | 2 | Windows Server 2003 Enterprise Edition | No |
| Web Server - Horizon | 2 | Windows Server 2003 Enterprise Edition | No |
| Web Server - Parallel | 2 | Windows Server 2003 Enterprise Edition | No |
| Web Server - WSUS SSL | 2 | Windows Server 2003 Enterprise Edition | No |
| Workstation Authentication | 2 | Windows Server 2003 Enterprise Edition | Yes |
Table 190 - Certificate Template in AD - PHARMAX.LOCAL
1.5.10 Certificate Template Summary
The following section provides the certificate templates that are assigned to a specified Certification Authority (CA). CA server can issue certificates only based on assigned templates.
1.5.10.1 pharmax-CAYEY-DC-01V-CA Certificate Template
| Template Name | Schema Version | Supported CA | Autoenrollment |
|---|---|---|---|
| Administrator | 1 | Windows 2000 Server | No |
| Basic EFS | 1 | Windows 2000 Server | No |
| Computer | 1 | Windows 2000 Server | No |
| Directory Email Replication | 2 | Windows Server 2003 Enterprise Edition | Yes |
| Domain Controller | 1 | Windows 2000 Server | No |
| Domain Controller Authentication | 2 | Windows Server 2003 Enterprise Edition | Yes |
| EFS Recovery Agent | 1 | Windows 2000 Server | No |
| Kerberos Authentication | 2 | Windows Server 2003 Enterprise Edition | Yes |
| Subordinate Certification Authority | 1 | Windows 2000 Server | No |
| User | 1 | Windows 2000 Server | No |
| Web Server | 1 | Windows 2000 Server | No |
Table 191 - Issued Certificate Template - pharmax-CAYEY-DC-01V-CA
1.5.10.2 Certificate Template In Active Directory
The following section provides registered certificate templates from Active Directory.
| Template Name | Schema Version | Supported CA | Autoenrollment |
|---|---|---|---|
| Administrator | 1 | Windows 2000 Server | No |
| Authenticated Session | 1 | Windows 2000 Server | No |
| Basic EFS | 1 | Windows 2000 Server | No |
| CA Exchange | 2 | Windows Server 2003 Enterprise Edition | No |
| CEP Encryption | 1 | Windows 2000 Server | No |
| Code Signing | 1 | Windows 2000 Server | No |
| Computer | 1 | Windows 2000 Server | No |
| ConfigMgr Client Distribution | 2 | Windows Server 2003 Enterprise Edition | Yes |
| Cross Certification Authority | 2 | Windows Server 2003 Enterprise Edition | No |
| Directory Email Replication | 2 | Windows Server 2003 Enterprise Edition | Yes |
| Domain Controller | 1 | Windows 2000 Server | No |
| Domain Controller Authentication | 2 | Windows Server 2003 Enterprise Edition | Yes |
| EFS Recovery Agent | 1 | Windows 2000 Server | No |
| Enrollment Agent | 1 | Windows 2000 Server | No |
| Enrollment Agent (Computer) | 1 | Windows 2000 Server | No |
| Exchange Enrollment Agent (Offline request) | 1 | Windows 2000 Server | No |
| Exchange Signature Only | 1 | Windows 2000 Server | No |
| Exchange User | 1 | Windows 2000 Server | No |
| IPSec | 1 | Windows 2000 Server | No |
| IPSec (Offline request) | 1 | Windows 2000 Server | No |
| Kerberos Authentication | 2 | Windows Server 2003 Enterprise Edition | Yes |
| Key Recovery Agent | 2 | Windows Server 2003 Enterprise Edition | Yes |
| OCSP Response Signing | 3 | Windows Server 2008 Enterprise Edition | No |
| Pharmax Key Recovery Agent | 2 | Windows Server 2003 Enterprise Edition | Yes |
| Pharmax Labs Key Archive | 2 | Windows Server 2003 Enterprise Edition | Yes |
| Pharmax Web Server | 2 | Windows Server 2003 Enterprise Edition | No |
| Pharmax Workstation Authentication | 2 | Windows Server 2003 Enterprise Edition | Yes |
| RAS and IAS Server | 2 | Windows Server 2003 Enterprise Edition | Yes |
| Root Certification Authority | 1 | Windows 2000 Server | No |
| Router (Offline request) | 1 | Windows 2000 Server | No |
| Smartcard Logon | 1 | Windows 2000 Server | No |
| Smartcard User | 1 | Windows 2000 Server | No |
| Subordinate Certification Authority | 1 | Windows 2000 Server | No |
| Trust List Signing | 1 | Windows 2000 Server | No |
| User | 1 | Windows 2000 Server | No |
| User Signature Only | 1 | Windows 2000 Server | No |
| Web Server | 1 | Windows 2000 Server | No |
| Web Server - ADFS | 2 | Windows Server 2003 Enterprise Edition | No |
| Web Server - Horizon | 2 | Windows Server 2003 Enterprise Edition | No |
| Web Server - Parallel | 2 | Windows Server 2003 Enterprise Edition | No |
| Web Server - WSUS SSL | 2 | Windows Server 2003 Enterprise Edition | No |
| Workstation Authentication | 2 | Windows Server 2003 Enterprise Edition | Yes |
Table 192 - Certificate Template in AD - PHARMAX.LOCAL
1.5.11 Key Recovery Agent Certificate
The following section provides the Key Recovery Agent certificate used to encrypt user's certificate private key and store it in CA database. In the case when user cannot access his or her certificate private key it is possible to recover it by Key Recovery Agent if Key Archival procedure was taken against particular certificate.
| CA Name | pharmax-SERVER-DC-01V-CA |
|---|---|
| Server Name | SERVER-DC-01V |
| Certificate | [Subject] CN=Administrator, CN=Users, DC=pharmax, DC=local [Issuer] CN=pharmax-SERVER-DC-01V-CA, DC=pharmax, DC=local [Serial Number] 61000001068FABBB1D8B7B986A000000000106 [Not Before] 11/16/2021 8:11:55 PM [Not After] 11/16/2023 8:11:55 PM [Thumbprint] 0C65947128A94A0209907127D13F81AD5840CA37 |
Table 193 - Key Recovery Agent Certificate - pharmax-SERVER-DC-01V-CA
| CA Name | acad-ACADE-DC-01V-CA |
|---|---|
| Server Name | ACADE-DC-01V |
| Certificate | [Subject] CN=Administrator, CN=Users, DC=pharmax, DC=local [Issuer] CN=pharmax-SERVER-DC-01V-CA, DC=pharmax, DC=local [Serial Number] 610000011FC4B5F75727EEAB0800000000011F [Not Before] 1/23/2022 10:30:44 PM [Not After] 1/23/2024 10:30:44 PM [Thumbprint] 4883ED66CAB909725F89D7483E97DBF69C4CDA9B |
Table 194 - Key Recovery Agent Certificate - acad-ACADE-DC-01V-CA