By default, ChangeAuditor for Active Directory audits the Enterprise for changes made to the user, group and computer object classes.
In the scenario where we would like to exclude some directory object or container from Active Directory auditing, is there a way to achieve the intended?
WORKAROUND:
The current version of CA, there is no exclude option for Active Directory auditing. Thus, you may define custom Active Directory object auditing to include the directory object or container that you wish to audit.
You may refer to the following steps:
1. Open the Administration Tasks tab.
2. Select the Auditing task button at the bottom of the navigation pane (left-hand pane).
3. Select Active Directory in the Auditing task list to display the Active Directory Auditing page.
4. Use the Add tool bar button to launch the Active Directory Auditing wizard, which steps you through the process of defining the objects and object classes to be audited by ChangeAuditor.
5. Select where to conduct the audit:
• This Object
• This Object and Child Objects Only
• This Object and All Child Objects
6. If you selected the This Object, The Object and Child Objects Only, or This Object and All Child Objects option, use the Browse or Search pages to locate the directory object or container to be audited.
7. If you selected either the This Object and Child Objects Only or This Object and All Child Objects option, select Next to proceed to the next page to define the object classes to be audited.
From this page, use one of the following methods to move an object class to the Audited Object Class list (right-hand pane):
• Select one or more object classes in the UnAudited Object Class list and select the Add button.
• Select one or more object classes in the UnAudited Object Class list and ’drag and drop’ the selected object classes into the Audited Object Class list.
• Double-click an object class in the UnAudited Object Class list. You must select at least one object class for auditing.
8. After selecting the Active Directory objects (and object classes) to be audited, select the Finish button to save your selection, close the wizard and return to the Active Directory Auditing page. The selected Active Directory object will now be listed on the Active Directory Auditing page.
© 2024 Quest Software Inc. ALL RIGHTS RESERVED. Terms of Use Privacy Cookie Preference Center