Chat now with support
Chat mit Support

Active Administrator 8.7 - Installation Guide

Installation Considerations for Active Administrator Installing and configuring Active Administrator Appendix: Active Administrator Server Manager

Creating alerts

A wizard guides you through creating a new Active Administrator alert. Alerts provide you the opportunity to combine different conditions into one alert that is sent to specified email recipients. You also can add a filter to the alert to further isolate audit events for the recipient.

1
Select Auditing & Alerting | Alerts.
2
Click New.
3
On the Welcome page, click Next.
6
Click Next.
To add a new email address, click Add and type the email address.
8
Click Next.
To filter the list, type text in the Filter box. The list changes as you type characters. The definitions displayed contain the characters you type. For example, if you type com, the definitions displayed may contain the words Completed or Computer.
To show only selected definitions, open the Show box, and choose Selected.
To show only unselected definitions, open the Show box, and choose Unselected.
10
Click Next.
a
Click Add to add a new alert filter.
Click Edit to edit a selected alert filter.
b
Select if the email Contains or Does not contain the condition text.
d
By default the filter conditions are combined using the OR operator. If you want to connect with the AND operator, select AND all conditions.
12
Click Next.
a
Click Add to add a new quiet time.
Click Edit to edit a selected quiet time.
b
Select Enabled. To disable a quiet time, clear the check box.
c
Select All Days or specify a specific day.
14
Click Next.
a
Click Add to add a new threshold.
Click Edit to edit a selected threshold.
b
Select Enabled. To disable a threshold, clear the check box.
19
Click Next.
a
Select Enabled. To disable an action, clear the check box.
e
16
Click Next.
18
Click Finish.

Setting up workstation logon auditing

With workstation logon auditing, you can audit user logon and logoff events including lock and unlock. Enabling the default port adds these workstation events to the event definitions:

See also:

Deploying the workstation logon audit agent

To audit user logon events, you must enable workstation logon auditing and deploy the workstation logon audit agent to workstations and member servers. Once enabled, the workstation logon auditing service will send messages to the Active Administrator server.

1
Select Configuration | User Logon Agent Settings.
3
Click Save.
Copy ActiveAdministrator.admx to C:\Windows\PolicyDefinitions on a domain controller.
Copy ActiveAdministrator.adml to C:\Windows\PolicyDefinitions\en-US on a domain controller.
Copy Active Administrator 8.7 Workstation Audit Agent.msi to a share where everyone has access.
5
Edit the GPO. Navigate to Computer Configuration | Policies | Software Settings | Software installation, right click and choose New | Package.
6
Select the Active Administrator 8.7 Workstation Audit Agent.msi package that you copied in step 2.
7
Choose the Assigned deployment method, and click OK.
8
On the same GPO, navigate to Computer Configuration | Administrative Templates | Quest Software | Active Administrator, and edit the Enable Workstation Audit Agent setting.
Select Enabled.
In the Server Name box, type the fully qualified domain name (FQDN) of the Active Administrator server.
In the Server Port box, type 15601.

Enabling the default port

If Windows Firewall is enabled on the workstation where the workstation logon auditing agent is installed, you need to create an exception to allow communication with Active Administrator® Foundation Service (AFS) through port 15601.

1
On the workstation where the workstation logon auditing agent is installed, start the Windows Firewall with Advanced Security snap-in, right-click on Outbound Rules, and choose New Rule.
2
Select Port.
3
Click Next.
4
Select Specific local ports, and type 15601.
5
Click Next.
6
Select Allow the connection.
7
Click Next.
8
Click Next.
10
Click Finish.
Verwandte Dokumente

The document was helpful.

Bewertung auswählen

I easily found the information I needed.

Bewertung auswählen