How to exclude processes from Active Directory Database protection
説明
I have a protection on the DIT file where the excluded process is listed as WMIPRVSE.EXE, which should be excluded from protection but it is being used by Active Administrator every 5 mins on each domain controller and is being captured in Change Auditor, thus showing up in Security Guardian.
対策
In the Client, open Administration tasks | Protection | Active Directory Database
Edit the Active Directory Database template
Press the [...] on the You are viewing processes on and select a Domain Controller
Pick the process(es) you do not want to audit example - anti-virus or backup processes.
Click Add and Finish
Refresh agent configuration or wait 15 minutes for the configuration changes to take effect
