Users
Clicking on a user node will populate the Node Info tab with information about that user:
-Node: This is the label for the node, and is in domain simple format.
-SAMAccountName: This is the SAMAccountName for the user. This information is not currently collected by the ingestor.
-Display Name: This is the Windows display name for the user. This information is not currently collected by the ingestor.
-Password Last Changed: This is the date for when the user's password last changed. This information is not currently collected by the ingestor.
-First Degree Group Memberships: These are the groups that the user is explicitly a member of. This is the information you would see when typing net user username /domain
-Unrolled Group Memberships: These are all of the user's effective group memberships. This is the equivalent of running Get-NetGroup -User username
-Foreign Group Memberships: These are all of the foreign groups that the user belongs to.
-First Degree Local Admin: These are the computers where the user itself is added explicitly as a local administrator on a system.
-Group Delegated Local Admin Rights: These are the computers that the user gains administrator privileges to based on delegated group rights.
-Derivative Local Admin Rights: These are the computers the user can gain administrator rights to by impersonating a user currently using a computer the user has administrator privileges to, regardless of how deep this chaining goes.
-Sessions: These are all the computers the ingestor identified the user as logged onto during collection.