How does the Change Auditor Agent determine the group membership of Active Directory groups "Allowed to Access Protected Objects"
説明
When Change Auditor Protection templates are configured with Active Directory groups added to the "Select Account Allowed to Access Protected Objects" page, how does the Change Auditor Agent determine if a user account accessing the Protected Object is a member of the group?
対策
The Change Auditor agent reads the user's Windows Access token and then call the "CheckTokenMembership" function for each SID in the Protected Object exclusion list to verify if the access token contains any of the SIDs.
