TestimoX

API Reference

Command

Invoke-TestimoXService

Namespace TestimoX.PowerShell
Outputs
TestimoX.PowerShell.ServiceInvocationAcceptance

Invoke TestimoX via the Service Management API.

Remarks

Requires Connect-TestimoXService. With no parameters, triggers the currently configured workload once. Optionally, scope a single run without changing the deployed config using the same rule selectors as Invoke-TestimoX: - -IncludeRules (string names) - -IncludeCSharpRules (typed C# enum) - -IncludePowerShellRules (typed PowerShell enum) You can also trigger only selected snapshot streams with -RunSnapshot and -Streams. This cmdlet does not modify service.json. It sends a one-time override to the Management API and triggers a single run. Use Set-TestimoXService to persist configuration changes.

Examples

Authored help example

Example 1: Trigger configured workload

PS>


Connect-TestimoXService -Url 'http://127.0.0.1:7809/' -ApiKey 'secret'; Invoke-TestimoXService

Example 2: Run only Users and Groups snapshot once

PS>


Invoke-TestimoXService -RunSnapshot -Streams Users,Groups

Example 3: Run selected rules once (same selectors as Invoke-TestimoX)

PS>


$cs = [TestimoX.Definitions.CSharpRule]
$ps = [TestimoX.RulesPowerShell.PowerShellRule]
Invoke-TestimoXService -RunTest -IncludeRules 'ForestRecycleBinAndLifetimes' -IncludeCSharpRules $cs::DomainPasswordPolicy -IncludePowerShellRules $ps::ForestRecycleBinAndLifetimes

Common Parameters

This command supports the common parameters: -Debug, -ErrorAction, -ErrorVariable, -InformationAction, -InformationVariable, -OutVariable, -OutBuffer, -PipelineVariable, -Verbose, -WarningAction, and -WarningVariable.

For more information, see about_CommonParameters.

Syntax

Invoke-TestimoXService [-IncludeCSharpRules <AdminPrivilegedActivityPosture>] [-IncludePowerShellRules <DCDFS>] [-IncludeRules <string[]>] [-RuleConfigPath <string>] [-RunSnapshot] [-RunTest] [-Streams <string[]>] [<CommonParameters>]
#

Parameters

IncludeCSharpRules CSharpRule[] optionalposition: namedpipeline: falsevalues: 360
Typed C# rules (enum) to execute for this run only. Possible values: AdminPrivilegedActivityPosture, AdminSdHolderAclDrift, Backup, ComputersAesDisabled, ComputersObsoleteDomainControllers, ComputersObsoleteServers, ComputersObsoleteWorkstations, ComputersPrimaryGroupCompliance, ComputersRbcdExposure, ComputersUnconstrainedDelegation, ComputersUnsupported, ComputersUnsupportedMainstream, DCDNSForwaders, DFS, DHCPAuthorized, Diagnostics, DirectoryAclPostureInventory, DirectoryDangerousExtendedRights, DirectoryDefaultOuChanged, DirectoryDisplaySpecifiersForeignPaths, DirectoryEmptyOrganizationalUnits, DirectoryLdapConnectivity, DirectoryUnprotectedOus, DirectoryWellKnownFolderPosture, DiskSpace, DnsAdminsMembership, DnsDelegationRisk, DNSForwarders, DnsNameServers, DNSResolveExternal, DNSResolveInternal, DNSScavengingForPrimaryDNSServer, DNSZonesAging, DNSZonesDomain0ADEL, DnsZonesDynamicUpdatesSecure, DNSZonesForest0ADEL, DnsZonesReadExposure, DnsZonesSecurity, DomainAccountDelegationPosture, DomainAdminGroupDelegationRisk, DomainAuthentication, DomainBackupMetadata, DomainBroadTrusteeDelegationExposure, DomainComputerSecurityBaselinePosture, DomainComputersLapsCoverage, DomainComputersLapsDelegation, DomainComputersLapsDsrmDelegation, DomainComputersLifecycle, DomainConstrainedDelegationOverview, DomainConstrainedDelegationTargets, DomainConstrainedDelegationToDcServices, DomainControllerAppControlRuntimeLocal, DomainControllerAuditPolicyLocal, DomainControllerBackupPostureRuntimeLocal, DomainControllerBrowserPolicyRuntimeLocal, DomainControllerCertificatePostureRuntimeLocal, DomainControllerCredentialPostureLocal, DomainControllerCriticalServices, DomainControllerDiagnosticPosture, DomainControllerDiskSpacePosture, DomainControllerDnsDynamicUpdates, DomainControllerDnsPrimaryZoneNameServerPosture, DomainControllerDnsServerPosture, DomainControllerDnsZoneTransfer, DomainControllerDsaFileLocationPostureLocal, DomainControllerEventLogPolicyLocal, DomainControllerExploitProtectionRuntimeLocal, DomainControllerFeaturePostureRuntimeLocal, DomainControllerFileSystemLocal, DomainControllerInformationPosture, DomainControllerLanManager, DomainControllerLdapChannelBinding, DomainControllerLdapConnectivity, DomainControllerLdapSigning, DomainControllerLocalIdentityRuntimeLocal, DomainControllerLogonUxUacLocal, DomainControllerLsaProtectionLocal, DomainControllerMdmPostureRuntimeLocal, DomainControllerMssLegacyNetworkPostureLocal, DomainControllerNetlogonSiteCoverage, DomainControllerNetSessionEnumerationLocal, DomainControllerNetworkAdapterPosture, DomainControllerNetworkHardeningRuntimeLocal, DomainControllerNtdsParametersLocal, DomainControllerNullSession, DomainControllerOfficePostureRuntimeLocal, DomainControllerOperatingSystemPosture, DomainControllerOptionalFeaturePostureLocal, DomainControllerPersistencePostureRuntimeLocal, DomainControllerPingPosture, DomainControllerPkiEnrollmentChannelBinding, DomainControllerPlatformSecurityRuntimeLocal, DomainControllerPortPosture, DomainControllerPrivacyPostureRuntimeLocal, DomainControllerRdpSecurityLocal, DomainControllerRebootCadence, DomainControllerRemoteAccessRuntimeLocal, DomainControllers, DomainControllersAuditPolicy, DomainControllerSchannelProtocolsLocal, DomainControllersDeploymentHealth, DomainControllersDnsAndSiteRegistration, DomainControllerSecureBootCertificateRolloutLocal, DomainControllerSmbCompliance, DomainControllerSmbSharePermissions, DomainControllerSmbShares, DomainControllerSmbSigning, DomainControllersOverallPosture, DomainControllersRodcPolicy, DomainControllersRodcSysvolWriteAccess, DomainControllersSpoolerExposure, DomainControllerSystemStateBackup, DomainControllerSysvolReplication, DomainControllerTimeServiceStatus, DomainControllerTimeSynchronizationExternal, DomainControllerTimeSynchronizationInternal, DomainControllerVsCodeExtensionsRuntimeLocal, DomainControllerWebClientDisabled, DomainControllerWindowsUpdatePosture, DomainControllerWinRmSecurityLocal, DomainDcShadowIndicators, DomainDelegationInventory, DomainDhcpAuthorizationPosture, DomainDnsApplicationPartitionOwnerPosture, DomainDnsForwarderConsistency, DomainDsHeuristics, DomainDuplicateAccounts, DomainExchangeUserAliasPosture, DomainFineGrainedPasswordPolicies, DomainFsmoRolePosture, DomainFSMORoles, DomainFunctionalLevel, DomainGpoAnalysis, DomainGpoAnonymousExposureConfiguration, DomainGpoBlockedInheritance, DomainGpoBrokenGpos, DomainGpoBrokenLinks, DomainGpoDangerousUserRightsExposure, DomainGpoDefaultPoliciesRecentChanges, DomainGpoDefenderAsrPolicy, DomainGpoDelegationExposure, DomainGpoDuplicates, DomainGpoEventLogPolicyBaseline, DomainGpoEveryoneAuthorizedGpo, DomainGpoEveryoneIncludesAnonymousDisabled, DomainGpoExternalArtifacts, DomainGpoFiles, DomainGpoFirewallProfilesBaseline, DomainGpoFirewallScriptBlock, DomainGpoFolderOptionsExposure, DomainGpoHardenedPaths, DomainGpoInventoryHealth, DomainGpoKdcProxyPolicy, DomainGpoKerberosClientArmoring, DomainGpoKerberosCryptoBaseline, DomainGpoKerberosKdcArmoring, DomainGpoKerberosPacHardeningBaseline, DomainGpoLapsDsrmPolicy, DomainGpoLapsPolicy, DomainGpoLdapHardening, DomainGpoLimitBlankPasswordUse, DomainGpoLinks, DomainGpoList, DomainGpoLlmnrWdigestConfiguration, DomainGpoLogonUxUacBaseline, DomainGpoLsaProtectionBaseline, DomainGpoMissingSysvolFiles, DomainGpoNameResolutionBaseline, DomainGpoNetlogonConfiguration, DomainGpoNetSessionHardening, DomainGpoNoLmHash, DomainGpoNtlmRestrictConfiguration, DomainGpoOrganizationalUnit, DomainGpoOwners, DomainGpoPassword, DomainGpoPermissionBaseline, DomainGpoPermissionConsistency, DomainGpoPermissions, DomainGpoPermissionsAdministrative, DomainGpoPermissionsRead, DomainGpoPermissionsRoot, DomainGpoPermissionsUnknown, DomainGpoPku2uPolicy, DomainGpoPowerShellAuditing, DomainGpoPowerShellLoggingBaseline, DomainGpoRdpRedirectionPolicyBaseline, DomainGpoRecoveryConsoleAutoAdminLogon, DomainGpoRedirect, DomainGpoSchannelPolicyBaseline, DomainGpoScriptPreferenceExposure, DomainGpoServicePolicy, DomainGpoSysvolPosture, DomainGpoTerminalServicesTimeout, DomainGpoTimeServicePolicy, DomainGpoUpdates, DomainGpoWinRmPolicyBaseline, DomainGpoWpadHardeningExample, DomainGpoWsusConfiguration, DomainKerberosCryptoOverview, DomainKerberosDesConfiguration, DomainKerberosDuplicateSpns, DomainKerberosRc4Only, DomainLapsOuDelegation, DomainLDAP, DomainMachineAccountQuota, DomainObjectsRecentCreation, DomainObjectStatistics, DomainOuDelegationRisk, DomainPasswordPolicy, DomainPasswordPolicyRollup, DomainPrimaryGroupReadability, DomainPrivilegedGroupOwnerRisk, DomainPrivilegedGroupRecentChanges, DomainRidMasterHealth, DomainServiceAccountsSpnHygiene, DomainServiceAccountsUsage, DomainShadowCredentialsRisk, DomainSpnHygieneOverview, DomainSysvolReplicationPosture, DomainTechnicalAzureAdSso, DomainTrustsConfiguration, DomainTrustSidHistory, DomainUnprivilegedGroupRecentChanges, DomainUsersCredentialHygiene, DomainUsersSmartCardConfiguration, DsHeuristicsCompliance, DummyDomainStaleAdminAccounts, DummyExampleNew, DummyForestBackup, DummyForestReplicationStatus, DummySystemHealth, DummyTestimoDebug, DuplicateObjects, DuplicateSPN, EventLogs, ExchangeUsers, FileSystem, ForestBackupMetadataPosture, ForestConfigurationPartitionContainerOwnerPosture, ForestConfigurationPartitionOwnerPosture, ForestConfigurationPartitionOwners, ForestConfigurationPartitionOwnersContainer, ForestDHCP, ForestDhcpInfrastructurePosture, ForestDirectoryDiscoveryDiagnostics, ForestDuplicateComputerHostnames, ForestExchangeSchemaVulnerabilityPosture, ForestFsmoRolePosture, ForestFSMORoles, ForestFunctionalLevel, ForestKdsRootKeyPosture, ForestKerberosDuplicateSpns, ForestOptionalFeaturePosture, ForestPkiConfiguration, ForestPkiTemplatesConfiguration, ForestPkiTemplatesRiskOverview, ForestRecycleBinAndLifetimes, ForestReplicationPosture, ForestSchemaDefaultSecurityDescriptorChanges, ForestSchemaJavaExposure, ForestSchemaLapsAttributes, ForestSiteConnectionPosture, ForestSiteLinkPosture, ForestSubnetCoveragePosture, ForestSubnets, ForestTrustsOverview, GroupPolicy, GroupPolicyADM, GroupPolicyOwners, GroupPolicyPermission, GroupPolicyPermissionConsistency, GroupPolicySysvol, GroupPolicySYSVOLDC, GroupsCriticalMembership, GroupsForeignSecurityPrincipalsPrivilegedExposure, GroupsOperatorsEmpty, GroupsOrphanedForeignSecurityPrincipals, GroupsPreWindows2000Exposure, GroupsPrivilegedDelegationRisk, Information, KerberosSecurity, KrbtgtHealth, LanManagerSettings, LanManServer, Ldap, LdapInsecureBindings, MachineQuota, MSSLegacy, NetLogonOwner, NetSessionEnumeration, NetworkCardSettings, NTDSParameters, OperatingSystem, OptionalFeatures, OrganizationalUnitsEmpty, OrganizationalUnitsProtected, OrphanedAdmins, OrphanedSecurityPrincipals, PasswordComplexity, Pingable, PkiCaRocaConfirmed, PkiCaRocaSuspected, PkiCaWeakKeySize, PkiCaWeakRsaComponent, PkiCaWeakSignature, PkiEnrollmentHttpsRequired, Ports, RDPPorts, RDPSecurity, Replication, ReplicationStatus, RootDseAnonymousBind, RootKDS, SecurityComputers, SecurityDelegatedObjects, SecurityGroupsAccountOperators, SecurityGroupsSchemaAdmins, SecurityKRBGT, SecurityUsers, SecurityUsersAccountAdministrator, ServersGpoSmbSigningBaseline, Services, ServiceWINRM, SiteLinks, SiteLinksConnections, Sites, SMBProtocols, SMBShares, SMBSharesPermissions, StaleAdminAccountsManual, SysVOLDFSR, SysvolGpoConsistency, SysvolLegacyAdmFiles, SysvolNetlogonOwners, SysvolNetlogonPermissions, TimeSettings, TimeSynchronizationExternal, TimeSynchronizationInternal, TombstoneLifetime, TrustAzureAdSso, Trusts, UNCHardenedPaths, UsersAdminProtection, UsersBuiltInAdministrator, UsersGppStoredPasswords, UsersGuestAccount, UsersPasswordNeverExpires, UsersPrimaryGroupCompliance, UsersPrivilegedDelegationProtection, UsersPrivilegedEmailPresent, UsersPrivilegedInactivity, UsersStaleAccounts, UsersUnconstrainedDelegation, VurnerableSchemaClass, WellKnownFolders, WindowsFeaturesOptional, WindowsRemoteManagement, WindowsRolesAndFeatures, WindowsUpdates, WorkstationsGpoSmbSigningBaseline
Possible values: AdminPrivilegedActivityPosture, AdminSdHolderAclDrift, Backup, ComputersAesDisabled, ComputersObsoleteDomainControllers, ComputersObsoleteServers, ComputersObsoleteWorkstations, ComputersPrimaryGroupCompliance, ComputersRbcdExposure, ComputersUnconstrainedDelegation, ComputersUnsupported, ComputersUnsupportedMainstream, DCDNSForwaders, DFS, DHCPAuthorized, Diagnostics, DirectoryAclPostureInventory, DirectoryDangerousExtendedRights, DirectoryDefaultOuChanged, DirectoryDisplaySpecifiersForeignPaths, DirectoryEmptyOrganizationalUnits, DirectoryLdapConnectivity, DirectoryUnprotectedOus, DirectoryWellKnownFolderPosture, DiskSpace, DnsAdminsMembership, DnsDelegationRisk, DNSForwarders, DnsNameServers, DNSResolveExternal, DNSResolveInternal, DNSScavengingForPrimaryDNSServer, DNSZonesAging, DNSZonesDomain0ADEL, DnsZonesDynamicUpdatesSecure, DNSZonesForest0ADEL, DnsZonesReadExposure, DnsZonesSecurity, DomainAccountDelegationPosture, DomainAdminGroupDelegationRisk, DomainAuthentication, DomainBackupMetadata, DomainBroadTrusteeDelegationExposure, DomainComputerSecurityBaselinePosture, DomainComputersLapsCoverage, DomainComputersLapsDelegation, DomainComputersLapsDsrmDelegation, DomainComputersLifecycle, DomainConstrainedDelegationOverview, DomainConstrainedDelegationTargets, DomainConstrainedDelegationToDcServices, DomainControllerAppControlRuntimeLocal, DomainControllerAuditPolicyLocal, DomainControllerBackupPostureRuntimeLocal, DomainControllerBrowserPolicyRuntimeLocal, DomainControllerCertificatePostureRuntimeLocal, DomainControllerCredentialPostureLocal, DomainControllerCriticalServices, DomainControllerDiagnosticPosture, DomainControllerDiskSpacePosture, DomainControllerDnsDynamicUpdates, DomainControllerDnsPrimaryZoneNameServerPosture, DomainControllerDnsServerPosture, DomainControllerDnsZoneTransfer, DomainControllerDsaFileLocationPostureLocal, DomainControllerEventLogPolicyLocal, DomainControllerExploitProtectionRuntimeLocal, DomainControllerFeaturePostureRuntimeLocal, DomainControllerFileSystemLocal, DomainControllerInformationPosture, DomainControllerLanManager, DomainControllerLdapChannelBinding, DomainControllerLdapConnectivity, DomainControllerLdapSigning, DomainControllerLocalIdentityRuntimeLocal, DomainControllerLogonUxUacLocal, DomainControllerLsaProtectionLocal, DomainControllerMdmPostureRuntimeLocal, DomainControllerMssLegacyNetworkPostureLocal, DomainControllerNetlogonSiteCoverage, DomainControllerNetSessionEnumerationLocal, DomainControllerNetworkAdapterPosture, DomainControllerNetworkHardeningRuntimeLocal, DomainControllerNtdsParametersLocal, DomainControllerNullSession, DomainControllerOfficePostureRuntimeLocal, DomainControllerOperatingSystemPosture, DomainControllerOptionalFeaturePostureLocal, DomainControllerPersistencePostureRuntimeLocal, DomainControllerPingPosture, DomainControllerPkiEnrollmentChannelBinding, DomainControllerPlatformSecurityRuntimeLocal, DomainControllerPortPosture, DomainControllerPrivacyPostureRuntimeLocal, DomainControllerRdpSecurityLocal, DomainControllerRebootCadence, DomainControllerRemoteAccessRuntimeLocal, DomainControllers, DomainControllersAuditPolicy, DomainControllerSchannelProtocolsLocal, DomainControllersDeploymentHealth, DomainControllersDnsAndSiteRegistration, DomainControllerSecureBootCertificateRolloutLocal, DomainControllerSmbCompliance, DomainControllerSmbSharePermissions, DomainControllerSmbShares, DomainControllerSmbSigning, DomainControllersOverallPosture, DomainControllersRodcPolicy, DomainControllersRodcSysvolWriteAccess, DomainControllersSpoolerExposure, DomainControllerSystemStateBackup, DomainControllerSysvolReplication, DomainControllerTimeServiceStatus, DomainControllerTimeSynchronizationExternal, DomainControllerTimeSynchronizationInternal, DomainControllerVsCodeExtensionsRuntimeLocal, DomainControllerWebClientDisabled, DomainControllerWindowsUpdatePosture, DomainControllerWinRmSecurityLocal, DomainDcShadowIndicators, DomainDelegationInventory, DomainDhcpAuthorizationPosture, DomainDnsApplicationPartitionOwnerPosture, DomainDnsForwarderConsistency, DomainDsHeuristics, DomainDuplicateAccounts, DomainExchangeUserAliasPosture, DomainFineGrainedPasswordPolicies, DomainFsmoRolePosture, DomainFSMORoles, DomainFunctionalLevel, DomainGpoAnalysis, DomainGpoAnonymousExposureConfiguration, DomainGpoBlockedInheritance, DomainGpoBrokenGpos, DomainGpoBrokenLinks, DomainGpoDangerousUserRightsExposure, DomainGpoDefaultPoliciesRecentChanges, DomainGpoDefenderAsrPolicy, DomainGpoDelegationExposure, DomainGpoDuplicates, DomainGpoEventLogPolicyBaseline, DomainGpoEveryoneAuthorizedGpo, DomainGpoEveryoneIncludesAnonymousDisabled, DomainGpoExternalArtifacts, DomainGpoFiles, DomainGpoFirewallProfilesBaseline, DomainGpoFirewallScriptBlock, DomainGpoFolderOptionsExposure, DomainGpoHardenedPaths, DomainGpoInventoryHealth, DomainGpoKdcProxyPolicy, DomainGpoKerberosClientArmoring, DomainGpoKerberosCryptoBaseline, DomainGpoKerberosKdcArmoring, DomainGpoKerberosPacHardeningBaseline, DomainGpoLapsDsrmPolicy, DomainGpoLapsPolicy, DomainGpoLdapHardening, DomainGpoLimitBlankPasswordUse, DomainGpoLinks, DomainGpoList, DomainGpoLlmnrWdigestConfiguration, DomainGpoLogonUxUacBaseline, DomainGpoLsaProtectionBaseline, DomainGpoMissingSysvolFiles, DomainGpoNameResolutionBaseline, DomainGpoNetlogonConfiguration, DomainGpoNetSessionHardening, DomainGpoNoLmHash, DomainGpoNtlmRestrictConfiguration, DomainGpoOrganizationalUnit, DomainGpoOwners, DomainGpoPassword, DomainGpoPermissionBaseline, DomainGpoPermissionConsistency, DomainGpoPermissions, DomainGpoPermissionsAdministrative, DomainGpoPermissionsRead, DomainGpoPermissionsRoot, DomainGpoPermissionsUnknown, DomainGpoPku2uPolicy, DomainGpoPowerShellAuditing, DomainGpoPowerShellLoggingBaseline, DomainGpoRdpRedirectionPolicyBaseline, DomainGpoRecoveryConsoleAutoAdminLogon, DomainGpoRedirect, DomainGpoSchannelPolicyBaseline, DomainGpoScriptPreferenceExposure, DomainGpoServicePolicy, DomainGpoSysvolPosture, DomainGpoTerminalServicesTimeout, DomainGpoTimeServicePolicy, DomainGpoUpdates, DomainGpoWinRmPolicyBaseline, DomainGpoWpadHardeningExample, DomainGpoWsusConfiguration, DomainKerberosCryptoOverview, DomainKerberosDesConfiguration, DomainKerberosDuplicateSpns, DomainKerberosRc4Only, DomainLapsOuDelegation, DomainLDAP, DomainMachineAccountQuota, DomainObjectsRecentCreation, DomainObjectStatistics, DomainOuDelegationRisk, DomainPasswordPolicy, DomainPasswordPolicyRollup, DomainPrimaryGroupReadability, DomainPrivilegedGroupOwnerRisk, DomainPrivilegedGroupRecentChanges, DomainRidMasterHealth, DomainServiceAccountsSpnHygiene, DomainServiceAccountsUsage, DomainShadowCredentialsRisk, DomainSpnHygieneOverview, DomainSysvolReplicationPosture, DomainTechnicalAzureAdSso, DomainTrustsConfiguration, DomainTrustSidHistory, DomainUnprivilegedGroupRecentChanges, DomainUsersCredentialHygiene, DomainUsersSmartCardConfiguration, DsHeuristicsCompliance, DummyDomainStaleAdminAccounts, DummyExampleNew, DummyForestBackup, DummyForestReplicationStatus, DummySystemHealth, DummyTestimoDebug, DuplicateObjects, DuplicateSPN, EventLogs, ExchangeUsers, FileSystem, ForestBackupMetadataPosture, ForestConfigurationPartitionContainerOwnerPosture, ForestConfigurationPartitionOwnerPosture, ForestConfigurationPartitionOwners, ForestConfigurationPartitionOwnersContainer, ForestDHCP, ForestDhcpInfrastructurePosture, ForestDirectoryDiscoveryDiagnostics, ForestDuplicateComputerHostnames, ForestExchangeSchemaVulnerabilityPosture, ForestFsmoRolePosture, ForestFSMORoles, ForestFunctionalLevel, ForestKdsRootKeyPosture, ForestKerberosDuplicateSpns, ForestOptionalFeaturePosture, ForestPkiConfiguration, ForestPkiTemplatesConfiguration, ForestPkiTemplatesRiskOverview, ForestRecycleBinAndLifetimes, ForestReplicationPosture, ForestSchemaDefaultSecurityDescriptorChanges, ForestSchemaJavaExposure, ForestSchemaLapsAttributes, ForestSiteConnectionPosture, ForestSiteLinkPosture, ForestSubnetCoveragePosture, ForestSubnets, ForestTrustsOverview, GroupPolicy, GroupPolicyADM, GroupPolicyOwners, GroupPolicyPermission, GroupPolicyPermissionConsistency, GroupPolicySysvol, GroupPolicySYSVOLDC, GroupsCriticalMembership, GroupsForeignSecurityPrincipalsPrivilegedExposure, GroupsOperatorsEmpty, GroupsOrphanedForeignSecurityPrincipals, GroupsPreWindows2000Exposure, GroupsPrivilegedDelegationRisk, Information, KerberosSecurity, KrbtgtHealth, LanManagerSettings, LanManServer, Ldap, LdapInsecureBindings, MachineQuota, MSSLegacy, NetLogonOwner, NetSessionEnumeration, NetworkCardSettings, NTDSParameters, OperatingSystem, OptionalFeatures, OrganizationalUnitsEmpty, OrganizationalUnitsProtected, OrphanedAdmins, OrphanedSecurityPrincipals, PasswordComplexity, Pingable, PkiCaRocaConfirmed, PkiCaRocaSuspected, PkiCaWeakKeySize, PkiCaWeakRsaComponent, PkiCaWeakSignature, PkiEnrollmentHttpsRequired, Ports, RDPPorts, RDPSecurity, Replication, ReplicationStatus, RootDseAnonymousBind, RootKDS, SecurityComputers, SecurityDelegatedObjects, SecurityGroupsAccountOperators, SecurityGroupsSchemaAdmins, SecurityKRBGT, SecurityUsers, SecurityUsersAccountAdministrator, ServersGpoSmbSigningBaseline, Services, ServiceWINRM, SiteLinks, SiteLinksConnections, Sites, SMBProtocols, SMBShares, SMBSharesPermissions, StaleAdminAccountsManual, SysVOLDFSR, SysvolGpoConsistency, SysvolLegacyAdmFiles, SysvolNetlogonOwners, SysvolNetlogonPermissions, TimeSettings, TimeSynchronizationExternal, TimeSynchronizationInternal, TombstoneLifetime, TrustAzureAdSso, Trusts, UNCHardenedPaths, UsersAdminProtection, UsersBuiltInAdministrator, UsersGppStoredPasswords, UsersGuestAccount, UsersPasswordNeverExpires, UsersPrimaryGroupCompliance, UsersPrivilegedDelegationProtection, UsersPrivilegedEmailPresent, UsersPrivilegedInactivity, UsersStaleAccounts, UsersUnconstrainedDelegation, VurnerableSchemaClass, WellKnownFolders, WindowsFeaturesOptional, WindowsRemoteManagement, WindowsRolesAndFeatures, WindowsUpdates, WorkstationsGpoSmbSigningBaseline
IncludePowerShellRules PowerShellRule[] optionalposition: namedpipeline: falsevalues: 89
Typed PowerShell rules (enum) to execute for this run only. Possible values: DCDFS, DCDiagnostics, DCDiskSpace, DCDNSForwarders, DCDnsNameServers, DCDnsResolveExternal, DCDnsResolveInternal, DCEventLogs, DCFileSystem, DCGroupPolicySYSVOLDC, DCInformation, DCLanManagerSettings, DCLanManServer, DCLDAP, DCLDAPInsecureBindings, DCMSSLegacy, DCNetSessionEnumeration, DCNetworkCardSettings, DCNTDSParameters, DCOperatingSystem, DCPingable, DCPorts, DCRDPPorts, DCRDPSecurity, DCServices, DCServiceWINRM, DCSMBProtocols, DCSMBShares, DCSMBSharesPermissions, DCTimeSettings, DCTimeSynchronizationExternal, DCTimeSynchronizationInternal, DCUNCHardenedPaths, DCWindowsFeaturesOptional, DCWindowsRemoteManagement, DCWindowsRolesAndFeatures, DCWindowsUpdates, DomainComputersUnsupported, DomainComputersUnsupportedMainstream, DomainDHCPAuthorized, DomainDNSForwarders, DomainDNSScavengingForPrimaryDNSServer, DomainDnsZonesAging, DomainDNSZonesDomain0ADEL, DomainDNSZonesForest0ADEL, DomainDomainControllers, DomainDuplicateObjects, DomainExchangeUsers, DomainGroupPolicyADM, DomainGroupPolicyAssessment, DomainGroupPolicyOwner, DomainGroupPolicyPermissionConsistency, DomainGroupPolicyPermissions, DomainGroupPolicySysvol, DomainLDAP, DomainMachineQuota, DomainNetLogonOwner, DomainOrganizationalUnitsEmpty, DomainOrganizationalUnitsProtected, DomainOrphanedForeignSecurityPrincipals, DomainPasswordComplexity, DomainRoles, DomainSecurityComputers, DomainSecurityDelegatedObjects, DomainSecurityGroupsAccountOperators, DomainSecurityGroupsSchemaAdmins, DomainSecurityKrbtgt, DomainSecurityUsers, DomainSecurityUsersAcccountAdministrator, DomainSysVolDFSR, DomainWellKnownFolders, ForestBackup, ForestConfigurationPartitionOwners, ForestConfigurationPartitionOwnersContainers, ForestDHCP, ForestDuplicateSPN, ForestOptionalFeatures, ForestOrphanedAdmins, ForestReplication, ForestReplicationStatus, ForestRoles, ForestRootKDS, ForestSiteLinks, ForestSiteLinksConnections, ForestSites, ForestSubnets, ForestTombstoneLifetime, ForestTrusts, ForestVulnerableSchemaClass
Possible values: DCDFS, DCDiagnostics, DCDiskSpace, DCDNSForwarders, DCDnsNameServers, DCDnsResolveExternal, DCDnsResolveInternal, DCEventLogs, DCFileSystem, DCGroupPolicySYSVOLDC, DCInformation, DCLanManagerSettings, DCLanManServer, DCLDAP, DCLDAPInsecureBindings, DCMSSLegacy, DCNetSessionEnumeration, DCNetworkCardSettings, DCNTDSParameters, DCOperatingSystem, DCPingable, DCPorts, DCRDPPorts, DCRDPSecurity, DCServices, DCServiceWINRM, DCSMBProtocols, DCSMBShares, DCSMBSharesPermissions, DCTimeSettings, DCTimeSynchronizationExternal, DCTimeSynchronizationInternal, DCUNCHardenedPaths, DCWindowsFeaturesOptional, DCWindowsRemoteManagement, DCWindowsRolesAndFeatures, DCWindowsUpdates, DomainComputersUnsupported, DomainComputersUnsupportedMainstream, DomainDHCPAuthorized, DomainDNSForwarders, DomainDNSScavengingForPrimaryDNSServer, DomainDnsZonesAging, DomainDNSZonesDomain0ADEL, DomainDNSZonesForest0ADEL, DomainDomainControllers, DomainDuplicateObjects, DomainExchangeUsers, DomainGroupPolicyADM, DomainGroupPolicyAssessment, DomainGroupPolicyOwner, DomainGroupPolicyPermissionConsistency, DomainGroupPolicyPermissions, DomainGroupPolicySysvol, DomainLDAP, DomainMachineQuota, DomainNetLogonOwner, DomainOrganizationalUnitsEmpty, DomainOrganizationalUnitsProtected, DomainOrphanedForeignSecurityPrincipals, DomainPasswordComplexity, DomainRoles, DomainSecurityComputers, DomainSecurityDelegatedObjects, DomainSecurityGroupsAccountOperators, DomainSecurityGroupsSchemaAdmins, DomainSecurityKrbtgt, DomainSecurityUsers, DomainSecurityUsersAcccountAdministrator, DomainSysVolDFSR, DomainWellKnownFolders, ForestBackup, ForestConfigurationPartitionOwners, ForestConfigurationPartitionOwnersContainers, ForestDHCP, ForestDuplicateSPN, ForestOptionalFeatures, ForestOrphanedAdmins, ForestReplication, ForestReplicationStatus, ForestRoles, ForestRootKDS, ForestSiteLinks, ForestSiteLinksConnections, ForestSites, ForestSubnets, ForestTombstoneLifetime, ForestTrusts, ForestVulnerableSchemaClass
IncludeRules string[] optionalposition: namedpipeline: falsealiases: RuleNames
Rule names to execute for this run only.
RuleConfigPath string optionalposition: namedpipeline: false
Optional local path to a rule overrides JSON file to upload for this run.
RunSnapshot SwitchParameter optionalposition: namedpipeline: false
Run an AD snapshot in this invocation (one-time override).
RunTest SwitchParameter optionalposition: namedpipeline: false
Run rules instead of snapshot streams for this one-time invocation.
Streams string[] optionalposition: namedpipeline: false
Snapshot stream names to run in this invocation (e.g., Users, Groups).

Outputs

TestimoX.PowerShell.ServiceInvocationAcceptance