Chat now with support
Chat mit Support

Active Administrator 8.7 - User Guide

Active Administrator Overview User Provisioning Certificates Security & Delegation  Active Directory Health
Switching to Active Directory Health Using the Active Directory Health landing page Installing Active Directory Health Analyzer agents Using the Active Directory Health Analyzer agent configuration utility Excluding domain controllers Managing the Remediation Library Analyzing Active Directory health Analyzing Azure Active Directory Managing Active Directory Health Analyzer alerts Managing alert notifications Pushing alerts to System Center Operations Manager and SNMP managers Managing monitored domain controllers Managing data collectors Active Directory Health Templates Managing Active Directory Health Analyzer agents Using the Troubleshooter Recovering Active Directory Health data
Auditing & Alerting Group Policy Active Directory Recovery Active Directory Infrastructure DC Management DNS Management Configuration
Using the Configuration landing page Managing tasks Defining role-based access Setting email server options Configuring SCOM and SNMP Settings Setting notification options Setting Active Template options Setting agent installation options Setting recovery options Setting GPO history options Setting certificate configuration Setting service monitoring policy Managing archive databases Migrating data to another database Setting a preferred domain controller Setting up workstation logon auditing Managing configuration settings Setting user options Managing the Active Directory server
Diagnostic Console Alerts Appendix
Domain controller alerts
Active Directory Certificate Services service is not running Active Directory Domain Services is not running Active Directory Web Services service is not running Consecutive replication failures DC cache hits DC DIT disk space DC DIT log file disk space DC LDAP load DC LDAP response too slow DC Memory Usage DC properties dropped DC RID pool low DC SMB connections DC SYSVOL disk space DC time sync lost Detected NO_CLIENT_SITE record DFS Replication service not running DFS service is not running DFSR conflict area disk space DFSR conflict files generated DFSR RDC not enabled DFSR sharing violation DFSR staged file age DFSR staging area disk space DFSR USN records accepted DFSRS CPU load DFSRS unresponsive DFSRS virtual memory DFSRS working set DNS Client Service is not running Domain controller CPU load Domain controller page faults Domain controller unresponsive File Replication Service is not running File replication (NTFRS) staging space free in kilobytes GC response too slow Group policy object inconsistent Hard disk drive Intersite Messaging Service is not running Invalid primary DNS domain controller address Invalid secondary DNS domain controller address KDC service is not running LSASS CPU load LSASS virtual memory LSASS working set Missing SRV DNS record for either the primary or secondary DNS server NETLOGON not shared NetLogon service is not running Orphaned group policy objects exist Physical memory Power supply Primary DNS resolver is not responding Secondary DNS resolver is not responding Security Accounts Manager Service is not running SRV record is not registered in DNS SYSVOL not shared W32Time service is not running Workstation Service is not running
Domain alerts Site alerts Forest alerts Azure Active Directory Connect alerts
Event Definitions PowerShell cmdlets

Enabling workstation auditing

Previous Next



Enabling workstation auditing

To enable workstation logon auditing
1
Select Configuration | User Logon Agent Settings.
NOTE: If Windows® Firewall is enabled on the workstation where the Active Administrator Workstation Logon Auditing Agent is installed, you need to create an exception to allow communication with Active Administrator Foundation Service (AFS) through port 15601. See Enabling the default port for the workstation logon auditing agent.
3
Click Save.

Deploying the workstation logon agent from a GPO

Previous Next



Deploying the workstation logon agent from a GPO

To deploy the workstation logon agent from a GPO
Copy ActiveAdministrator.admx to C:\Windows\PolicyDefinitions on a domain controller.
Copy ActiveAdministrator.adml to C:\Windows\PolicyDefinitions\en-US on a domain controller.
Copy Active Administrator 8.7 Workstation Audit Agent.msi to a share where everyone has access.
5
Edit the GPO. Navigate to Computer Configuration | Policies | Software Settings | Software installation, right click and choose New | Package.
6
Select the Active Administrator 8.7 Workstation Audit Agent.msi package that you copied in step 2.
7
Choose the Assigned deployment method, and click OK.
8
On the same GPO, navigate to Computer Configuration | Administrative Templates | Quest Software | Active Administrator, and edit the Enable Workstation Audit Agent setting.
Select Enabled.
In the Server Name box, type the fully qualified domain name (FQDN) of the Active Administrator server.
In the Server Port box, type 15601.

Enabling the default port for the workstation logon auditing agent

Previous Next


Configuration > Setting up workstation logon auditing > Enabling the default port for the workstation logon auditing agent

Enabling the default port for the workstation logon auditing agent

If Windows Firewall is enabled on the workstation where the workstation logon auditing agent is installed, you need to create an exception to allow communication with Active Administrator® Foundation Service (AFS) through port 15601.

To enable the default port
2
Select Port.
3
Click Next.
4
Select Specific local ports, and type 15601.
5
Click Next.
6
Select Allow the connection.
7
Click Next.
8
Click Next.
10
Click Finish.

Managing configuration settings

Previous Next


Configuration > Managing configuration settings

Managing configuration settings

The Settings menu offers many options to help you customize and manage Active Administrator®.

Topics 
Verwandte Dokumente

The document was helpful.

Bewertung auswählen

I easily found the information I needed.

Bewertung auswählen