AZGroup

This article applies to BHCE and BHE

AZGroup node.svg

Node properties

The node supports the properties of the table below.

Properties which are blank/null will not be shown in the Entity Panel.

Entity Panel name Description
Tier Zero / High Value BloodHound Enterprise: Whether the object is part of Tier Zero of the Microsoft's Active Directory Tier Model, or the Control Plane of Microsoft's Enterprise Access Model.

BloodHound CE: Whether the object is currently marked as High Value. By default any object that belongs to Tier Zero is marked as High Value.
Display Name The display name for the object.
Object ID The object's security identifier (SID), a unique identifier in the directory.
Admin Count Whether the object currently, or possibly ever has belonged to a certain set of highly privileged groups. For Active Directory nodes this is related to the AdminSDHolder object and the SDProp process, read about that here.
Created The time when the object was created in the directory.
Description The contents of the description field for the object.
Is Role Assignable Whether the group can be assigned to Azure roles. When set to "True," group members inherit role-based permissions. When set to "False," role assignments are not allowed for the group.
On-Prem Sync Enabled Whether the object is synchronized to on-premises Active Directory.
Security Enabled Whether the group is a Security Principal, meaning it can be used to secure objects in Entra ID.
Security Identifier -
Tenant ID Unique identifier for the Azure tenant.

 

 

Updated