IT Hygiene - Identity
63 views
Skip to first unread message
j885...@gmail.com
Nov 24, 2025, 8:16:50 AM (10 days ago) Nov 24
to Wazuh | Mailing List
When Identity section was announced, I was looking forward to it because I hoped that I'd
finally be able to have easy access to administrators inventory.
But when I installed Wazuh 4.14.1 I noticed that it only shows local users and groups. If an AD group is present is local Administrators group on a Windows server, the AD group is not displayed in Wazuh.
Is this working as intended? As for me it's a huge blind spot if ALL members (be it local user, AD user, local group or AD group) are not displayed. Might this be added in future?
John Adewale Olatunde
Nov 24, 2025, 8:53:22 AM (10 days ago) Nov 24
to Wazuh | Mailing List
Hello j8855529
The current implementation of the Identity data in the system inventory is based on OSQuery https://github.com/wazuh/wazuh-agent/issues/664 OSquery As seen in https://github.com/osquery/osquery/issues/4264#issuecomment-790413778, OSQuery only shows local users and groups; it cannot show Active Directory users and groups. It is working as intended, however, you can create a feature request here https://github.com/wazuh/wazuh/issues to include this feature.
Best regards.
Best regards.
j885...@gmail.com
Nov 25, 2025, 12:36:20 AM (9 days ago) Nov 25
to Wazuh | Mailing List
j885...@gmail.com
Nov 27, 2025, 1:43:22 AM (7 days ago) Nov 27
to Wazuh | Mailing List
Additionally I noticed that administrators added via sudoers.d are not listed as well. These would be considered local but they are not displayed as well. Is this as intended as well?
John Adewale Olatunde
Dec 2, 2025, 11:26:35 AM (2 days ago) Dec 2
to j885...@gmail.com, Wazuh | Mailing List
Hi j8855529
Kindly provide more information about this in the created issue. I will follow up with the development team regarding it.
Kindly provide more information about this in the created issue. I will follow up with the development team regarding it.
--
You received this message because you are subscribed to a topic in the Google Groups "Wazuh | Mailing List" group.
To unsubscribe from this topic, visit https://groups.google.com/d/topic/wazuh/ZM2ztBY9HBY/unsubscribe.
To unsubscribe from this group and all its topics, send an email to wazuh+un...@googlegroups.com.
To view this discussion visit https://groups.google.com/d/msgid/wazuh/b5cdf1b0-b16f-4c04-937a-496e23c4a8a7n%40googlegroups.com.
j885...@gmail.com
Dec 3, 2025, 2:51:43 AM (23 hours ago) Dec 3
to Wazuh | Mailing List
John, I updated the issue to include details both for windows and linux: https://github.com/wazuh/wazuh/issues/33274
Reply all
Reply to author
Forward
0 new messages