• Conviértase en un profesional en el portal de soporte
• Descargar
• Imprimir
• Mis descargas ()

• Soporte
• Documentación técnica
• Change Auditor for Active Directory Queries 7.3
• Change Auditor for Active Directory Queries 7.3 - User Guide

Change Auditor for Active Directory Queries 7.3 - User Guide

Navegación de contenido  

Change Auditor for Active Directory Queries Overview

Introduction Deployment requirements Client components/features

Configure AD Query Auditing

Introduction AD Query Auditing wizard AD Query settings

Active Directory Query Searches/Reports

Introduction Run AD Query reports Create custom AD Query search

AD Query Event Details

• Visualización de Temas 1 - 4 de 13

×

Change Auditor for Active Directory Queries Overview

•	Introduction

•	Deployment requirements

•	Client components/features

Introduction

Many applications use Active Directory as an LDAP directory to provide user credentials, group membership information, and other application data. During a directory migration or restructuring project, such as a corporate acquisition, it is important to understand the ways that applications use the directory before migrating the directory structure, to avoid unnecessary application downtime. Obtaining this information from Windows audit logs is extremely difficult, as it requires setting SACLs and aggregating security audit logs from all domain controllers in the environment.

Change Auditor monitors directory access across all domain controllers in the environment and aggregates that information in a central database identifying LDAP-enabled applications and how they use Active Directory. The LDAP access data gathered by Change Auditor can then be used during Active Directory forest migration and restructuring projects.

NOTE: Active Directory query auditing is only available if you have licensed Change Auditor for Active Directory Queries. If you do not have a valid license you can use the features, however, associated events are not captured. To verify that it is licensed, right-click the coordinator icon in the system tray and select Licensing.

•

Deployment requirements

For a successful deployment, ensure that your environment meets the minimum system requirements. For information on system requirements, see the Change Auditor Release Notes. For details on installing Change Auditor, see the Change Auditor Installation Guide.

Client components/features

The following table lists the client components and features that require a valid Change Auditor for Active Directory Queries license. The product will not prevent you from using these features; however, associated events will not be captured unless the proper license is applied.

NOTE: To hide unlicensed Change Auditor features from the Administration Tasks tab (including unavailable audit events throughout the client), use the Action | Hide Unlicensed Components menu command. Note this command is only available when the Administration Tasks tab is the active page.

 

Table 1. Change Auditor for Active Directory Queries client components/features

Client page	Feature
Administration Tasks tab	Agent Configuration page: • Configuration Setup Dialog - AD Query Events settings • Discard query results less than nn records • Discard queries taking less than nn milliseconds • Discard duplicate queries occurring within nn minutes • AD Query auditing enabled Audit Task list: • AD Query NOTE: See Configure AD Query Auditing for information on using these settings for Active Directory query auditing.
Event Details pane	What details: • Type • Scope • Results • SSL/TLS • Kerberos • Simple Bind • Port • Occurrences • Since • Elapsed • Filter • Attributes NOTE: See the AD Query Event Details appendix for a description of these fields.
Events	Facilities: • AD Query
Search Properties	What tab: • Subsystem | AD Query NOTE: See Active Directory Query Searches/Reports for information on using the What tab to create custom Active Directory query search queries.
Searches page	Built-in Reports: • All reports that include the event in the AD Query facility.
Advanced tab/Search Results page	Columns: • LDAP Attributes • LDAP Elapsed • LDAP Filter • LDAP Occurrences • LDAP Results • LDAP Scope • LDAP Since • LDAP Type
Alert Body Configuration dialog - Event Details tab	Variables (email tags): • LDAP_ATTRIBUTES • LDAP_ELAPSED • LDAP_FILTER • LDAP_OCCURRENCES • LDAP_RESULTS • LDAP_SCOPE • LDAP_SINCE • LDAP_TYPE NOTE: See the Change Auditor User Guide for a description of these email tags and how to configure alert email notifications.

 

 

•  Anterior
• Visualización de Temas 1 - 4 de 13
• Siguiente 

Buscar este documento Buscar todos los documentos para esta versión de producto Buscar todos los documentos para este producto Buscar todos los documentos

Herramientas de autoservicio

Base de conocimientos

Notificaciones y alertas

Soporte de productos

Descargas de software

Documentación técnica

Foros de usuarios

Tutoriales en video

Aviso de actualizaciones de páginas web (RSS)

Comuníquese con nosotros

Obtenga asistencia con las licencias

Soporte Técnico

Ver todos

×

 Bienvenido al portal de soporte

Puede encontrar ayuda de soporte en línea para el *producto* Quest en un sitio de soporte afiliado. Haga clic en Continuar para ser dirigido al contenido de soporte y a la asistencia adecuados para el *producto*.

Documentos relacionados

The document was helpful.

Seleccionar calificación

I easily found the information I needed.

Seleccionar calificación

© ALL RIGHTS RESERVED. Términos de uso Privacidad Cookie Preference Center