Extend Tier0 assets to non-group objects

[furmelade]

Hi,
so far the T0 list is limited to group objects, but i'd suggest to extend it to several built-in objects which should always considered T0, such as:

• Domain root object
• AdminSDHolder object
• TrustedDomain objects
• krbtgt user account
• RID-500 account
• AAD Connect object(s)

Even possibly extending it to whole OUs and GPOs.

Let me know what you think, cheers

[JonasBK]

Hi @furmelade,

Thank you for your suggestions! :)
I agree that all the assets you listed here should be part of Tier Zero.

Are you interested in making a pull request?

[furmelade]

Hi @JonasBK
sure, i will create a pull request (and maybe add some more stuff) in the next couple days.

[JonasBK]

Awesome - Thanks @furmelade! :)