Listing iis, dcom, com+, scm, task, and custom accounts
When listing discovered account objects, agtdos writes output to files in the <instance>\psconfig\ directory.
For versions 12.0.0 or later, the output must be in SQLite table format. It is written to the <target id>.db file and must include the following:
agtdos discobj table output for account objectsstableid | type | longid | shortid | displayid | sd |
|---|---|---|---|---|---|
<GUID> | COMP | <GUID> | <computer name> | <computer name> | |
SID of user | type | SID of user | <description> | <description> |
agtdos discobjattr table output for account objectsstableid | type | attrkey | attrval | seqno |
|---|---|---|---|---|
SID of user | type | sid | <SID of user> | 0 |
SID of user | type | domain | <Domain ID> | 0 |
SID of user | type | islocal | <local account 1|> | 0 |
SID of user | type | ApplicationName | <Scheduled task’s binary> | 0 |
SID of user | type | DisplayName | <Description of object> | 0 |
SID of user | type | Comment | <Comment of object> | 0 |
agtdos discobjrel table output for account objectsparent_stableid | parent_type | reltype | child_stableid | child_type | child_name | child_sd |
|---|---|---|---|---|---|---|
SID of user | parent_type | SUB | <Full user ID> eg, Domain>\<account ID> | ACCT | <child_name> | <child_sd> |