search

EvotecIT / Testimo

Testimo is a PowerShell module for running health checks for Active Directory against a bunch of different tests
MIT License
526 stars 58 forks source link

Privileged Access Management #96

Closed SUBnet192 closed 3 years ago

SUBnet192 commented 4 years ago

I ran the command to enable the Privileged Access Management optional feature BEFORE reading what it was ;) and I found out that it probably should not be enabled on any domain other than the bastion domain. I would suggest that this test be marked as a suggestion if not enabled or marked as "recommended". Not many environments are mature enough to implement this, and having a "Fail" in the report is misleading. Thanks for all the hard work, this test framework is awesome man, told you already but I had to say it again :)

[i][Forest] Optional Features [Informative] [t][Forest] Optional Features [Pass] [Data is available.] [t][Forest] Recycle Bin Enabled [Pass] [Expected value (Equal): True] [t][Forest] LAPS Schema Extended [Pass] [Expected value (Equal): True] [t][Forest] Privileged Access Management Enabled [Pass] [Expected value (Equal): True]

PrzemyslawKlys commented 4 years ago

Currently, Testimo doesn't provide any other status then Pass/Fail. I need to rework the system to provide different options. You can disable it locally via configuration. But this will be addressed.

PrzemyslawKlys commented 3 years ago

This has been addressed in the last version. Hopefully, it solves your issue.

image