Chat now with support

Live-Hilfe anfordern
Registrierung abschließen

Anmelden

Preisinformationen anfragen

Vertrieb kontaktieren

Change Auditor 7.3 - Installation Guide

Inhaltsnavigation

Installation Overview

Before you begin System requirements System statistics and facilities System overview Installation overview Using Group Managed Service Accounts (gMSA)

Install Change Auditor

Installation workflow Install the first coordinator Install the client Install multiple coordinators

Add Users to Change Auditor Security Groups

Introducing Change Auditor security groups Add accounts to security groups Add accounts to ChangeAuditor database role

Connecting to the Clients

Connect to the client Open the web client Access product information

Deploy Change Auditor Agents

Change Auditor agents Deploy agents

Upgrade Change Auditor

Pre-upgrade considerations Upgrade Change Auditor

Step 1: Upgrade all coordinators (and database schema) Step 2: Upgrade all clients Step 3: Upgrade the agents

Post upgrade considerations

Installation Notes and Best Practices

Licensing Change Auditor products Permissions Other installation notes Change Auditor for Windows File Servers Change Auditor for Exchange Change Auditor for Authentication Services Change Auditor for SharePoint

Agent deployment

Backup notes Agent behavior notes Client notes ADAM (AD LDS) auditing Change Auditor for SQL Server — SQL auditing

Deployment Options

Multi-forest deployment

Requirements Example deployment scenario Configuration

Foreign forest agent deployment

Supported functionality Requirements Workflow

Harvesting the foreign forest topology Deploying agents to a foreign forest Installing agents in a foreign forest

Connecting to a different foreign forest/updating credentials Example deployment scenario

Workstation Agent Deployment

Recommendations and deployment requirements Manual workstation agent deployment Deploying workgroup agents (non-domain workstations)

Agent Comparison Install an agent to audit ADAM (AD LDS) on workgroup servers Windows Installer Command Line Options

Agent options Coordinator options Web Client options

Agent behavior notes

Agent connection behavior

When an agent comes online, it queries the Active Directory Catalog (GC) for a list of all coordinator SCPs within its same installation to determine which to connect to.

When there are available coordinators within the agent’s site, the agent connects to all coordinators in the site. When there are no coordinators running within the agent’s site, the agent connects to any online coordinator. However, when coordinators within the site come back online, the agent switches to connect to just the coordinators within the same site and drop nonsite coordinator connections. If this behavior is problematic for your environment, contact Quest Technical Support to discuss possible configuration options.

The connection behavior after these initial steps depends on the type of agent:

•

Change Auditor server agents: Starting with Change Auditor 6.0, server agents submit events to all coordinators in the site and load balancing occurs automatically. All connected coordinators can then participate in receiving events from the server agent, allowing a high volume of events to be distributed for processing.

•

Change Auditor workstation agents: The workstation agents randomly connect to a single coordinator. This enables ‘scaling out’ options for large workstation agent deployments within a single site.


	NOTE: A maximum of 10,000 agents (server and workstation) can connect to a single coordinator. If this connection limit is problematic for your environment, contact Quest Technical Support to discuss possible configuration options.

Incompatibility with Symantec Backup Exec CPS agent

Junction point creation may fail on a server where both a Symantec™ Backup Exec™ CPS agent and a Change Auditor agent are running. To resolve the problem, upgrade the CPS agent to 12.5 or later.

Client notes

Disabled audit events

Some events are disabled by default to improve the initial deployment process and reduce the amount of audited event information initially collected. These audited events can easily be enabled on the Audited Events page of the Administration Tasks tab.

See the appropriate Event Reference Guide for a list of the events that are disabled by default.

Enabling encrypted SQL Server connections

By default, connections to a SQL Server are not encrypted; however to encrypt all data transmitted between an application computer and a computer running a SQL Server instance, you can use the Secure Sockets Layer (SSL). For more details on configuring client network protocols, see the following Microsoft article: http://msdn2.microsoft.com/en-us/library/ms190425.aspx

ADAM (AD LDS) auditing

Monitoring ADAM (AD LDS) instances on workgroup servers

Run the appropriate Change Auditor Agent.msi file on the workgroup server to install an agent to monitor ADAM (AD LDS) instances on nondomain servers. See Install an agent to audit ADAM (AD LDS) on workgroup servers for more information.

Change Auditor for SQL Server — SQL auditing

Auditing events on SQL Server

Due to a Microsoft hotfix, agents do not capture SQL-related events unless the following action is taken on the SQL Server:

•

Using SQL Server Configuration Manager, add a startup parameter called ‘-T1906’ on the Startup Parameters tab in the SQL Server Properties dialog.

•

Restart the SQL Server service.

SQL Server auditing for Itanium platform — Not supported

Auditing of SQL Servers running on Itanium platforms is not supported.

Verwandte Dokumente

The document was helpful.

Bewertung auswählen

I easily found the information I needed.

Bewertung auswählen

© ALL RIGHTS RESERVED. Feedback Nutzungsbedingungen Datenschutz Cookie Preference Center