AD Attribute Auditing page
The AD Attribute Auditing page is displayed when Active Directory | Attributes is selected from the Auditing task list in the navigation pane of the Administration Tasks page. Using the AD Attribute Auditing feature, you can customize Change Auditor to meet your auditing requirements by specifying the individual schema attributes to be audited. In addition to specifying individual attributes for auditing, you can also assign a severity.
|
NOTE: For more information, including a full description of the page, refer to the Quest Change Auditor for Active Directory User Guide. |
|
2 |
Click Auditing. |
|
3 |
Select Attributes under Active Directory in the Auditing task list to open the AD Attribute Auditing page. |
|
5 |
In the Unaudited Attribute list (left pane) select one or more attributes and click Add to select them for auditing. |
|
6 |
To change the severity level assigned to an attribute, in the right pane, click in the Severity cell and use the drop-down arrow to select the severity you want to assign to the selected attribute. |
|
7 |
To remove an attribute from auditing, select the attribute from the right pane and click Remove. Selecting this button moves the selected attribute back into the Unmonitored Attribute list. |
|
8 |
Click Finish to save the selected attributes and close the dialog. |
|
9 |
Once you have selected at least one attribute for auditing, the associated Audited Attributes column will display the number of attributes selected for auditing. This value will also be displayed in the Audited Attributes column back on the Active Directory Auditing page. |
Member of Group Auditing page
The Member of Group Auditing page is displayed when Member of Group is selected from the Auditing task list in the navigation pane of the Administration Tasks page. Using the Member of Group Auditing feature, you can customize Change Auditor to meet your auditing requirements by specifying the users to be audited based on their group membership.
|
NOTE: For more information, including a full description of the page, refer to the Quest Change Auditor for Active Directory User Guide. |
|
2 |
Click Auditing. |
|
3 |
Select Active Directory under the Auditing task list to display the Active Directory Auditing page. Check to ensure that the user object class is removed from auditing and NOT listed on this page. If it is still listed, select it and click Delete | Delete Object Class to remove it from the Active Directory auditing list. |
|
4 |
Once the user object class has been removed, select Member of Group in the Auditing task list to display the Member of Group Auditing page. |
|
5 |
Click Add to display the Member of Group Auditing wizard to locate and select the groups whose users are to be audited by Change Auditor. |
|
6 |
Use the Browse and Search pages to locate and select a group and click Add to add the selected group to the selection list. |
|
7 |
Click Finish to save your selections, close the wizard and return to the Member of Group Auditing page, where your selections will now be listed. |
AD Query Auditing page
The AD Query Auditing page displays when you select AD Query from the Auditing task list in the navigation pane of the Administration Tasks tab. From this page you can specify the Active Directory containers to include and exclude in Active Directory query auditing.
Only objects that are included (and not excluded) are monitored. For example:
|
NOTE: For more information, including a full description of the page, refer to the Change Auditor for Active Directory Queries User Guide. |
|
2 |
Click Auditing. |
|
3 |
Select AD Query (under the Forest heading in the Auditing task list) to open the AD Query Auditing page. |
|
4 |
Click Add to open the AD Query Auditing wizard. |
|
• |
RootDSE - select this option to include the RootDSE object. |
|
• |
This Object and All Child Objects - select this option to specify the containers to include. (Selecting a container will also include any child objects.) |
|
6 |
If the This Object and All Child Objects option is selected, use the Browse and Search pages to locate and select a directory object. Click Add to add the selected directory object to the list at the bottom of the page. |
|
7 |
Click Finish to close the wizard and return to the AD Query Auditing page, where your selections will now be listed. |
|
2 |
Click Auditing. |
|
3 |
Select AD Query (under the Forest heading in the Auditing task list) to open the AD Query Auditing page. |
|
4 |
Click Add to open the AD Query Auditing wizard. |
|
• |
RootDSE - select this option to exclude the RootDSE object. (Selecting this container will not exclude child objects.) |
|
• |
This Object and All Child Objects - select this option to specify the containers to exclude. (Selecting a container will also exclude any child objects.) |
|
6 |
If the This Object and All Child Objects option is selected, use the Browse and Search pages to locate and select a directory object. Click Add to add the selected directory object to the list at the bottom of the page. |
|
7 |
Click Finish to close the wizard and return to the AD Query Auditing page, where your selections will now be listed. |
ADAM (AD LDS) auditing
Change Auditor for Active Directory allows you to audit Active Directory Application Mode (ADAM) and Active Directory Lightweight Directory Services (AD LDS) events. Use the ADAM (AD LDS) Auditing tasks to define the ADAM instances, the directory objects or containers, the object classes and optionally the individual attributes to be audited.
See the following Administration Tasks page descriptions for more information: