サポートと今すぐチャット

オンラインヘルプの参照
登録の完了

サインイン

価格設定をリクエスト

営業担当に連絡

Change Auditor for Active Directory 7.2 - User Guide

コンテンツのナビゲーション

Change Auditor for Active Directory Overview

Introduction Deployment Requirements Client Components and Features

Custom Active Directory Searches and Reports

Introduction Run the All Active Directory Events report Run the All Group Policy Events report Create custom searches

Custom Active Directory Object Auditing

Introduction Active Directory Auditing page Custom Active Directory object auditing Active Directory Auditing wizard Active Directory event logging

Custom Active Directory Attribute Auditing

Introduction Active Directory Attribute Auditing page Custom Active Directory attribute auditing

Member of Group Auditing

Introduction Member of Group Auditing page Member of Group auditing list Member of Group Auditing wizard

Active Directory Federation Services Auditing

Introduction Active Directory Federation Services Auditing page Active Directory Federation Services auditing templates Active Directory Federation Services Auditing Wizard

ADAM (AD LDS) Auditing

Introduction ADAM (AD LDS) Auditing page Enable ADAM (AD LDS) auditing ADAM (AD LDS) Auditing wizard ADAM (AD LDS) event logging

Active Directory Database Auditing

Introduction Active Directory Database Auditing page Active Directory Database auditing templates Active Directory Database Auditing Wizard

Active Roles Integration

Requirements Deploying Change Auditor/Active Roles integration scripts Client components added to Change Auditor Removing deployed Change Auditor/Active Roles integration scripts Troubleshooting Tips

Quest GPOADmin Integration

Requirements GPOADmin and Change Auditor integration process Client components added to Change Auditor Troubleshooting tips

Active Directory Protection

Introduction Active Directory object protection

Active Directory protection page Active Directory protection templates Active Directory Protection wizard

Group Policy Object protection

Group Policy protection page Group Policy protection templates Group Policy Protection wizard

ADAM (AD LDS) object protection

ADAM (AD LDS) protection page ADAM (AD LDS) protection templates ADAM Protection Wizard

Active Directory Database protection

Active Directory Database protection page Active Directory Database protection templates Active Directory Database Protection wizard

Setting extra security on protected objects

Event Details Pane

Change Auditor for Active Directory Overview

•

•

Deployment Requirements

•

Client Components and Features

Introduction

Quest Change Auditor for Active Directory drives the security and control of Microsoft Active Directory by tracking vital configuration changes in real-time. From GPO and schema to critical group and operational changes, Change Auditor for Active Directory tracks, audits, reports, and alerts on changes that impact your directory without the overhead costs of system-provided auditing.

In addition, Change Auditor for Active Directory allows you to lock down critical Active Directory, ADAM (AD LDS), and Group Policy Objects, to protect them from unauthorized or accidental modifications or deletions.

You can also track on Azure Active Directory changes. Change Auditor correlates activity across the on-premises and cloud environment making it easy to search all events regardless of where they occurred. For more information, see the Change Auditor for Office 365 and Azure Active Directory Auditing User Guide.

To ensure Active Directory compliance, you can automatically generate intelligent and in-depth reports, protecting you against policy violations and avoiding the risks and errors associated with day-to-day modifications. For fast troubleshooting, you always get the original and current values.


	NOTE: Active Directory auditing and protection are only available if you have licensed Change Auditor for Active Directory. If you do not have a valid license you can use the features, however, associated events are not captured. To verify that it is licensed, right-click the coordinator icon in the system tray and select Licensing.

•

For information on the core functionality available in Change Auditor ee the Change Auditor Installation Guide

•

For event details, see the Change Auditor for Active Directory Event Reference Guide.

Deployment Requirements

For a successful deployment, ensure that your environment meets the minimum system requirements. For information about system requirements, see the Change Auditor Release Notes. For details on installing Change Auditor, see the Change Auditor Installation Guide.

Client Components and Features

The following table lists the client components and features that require a valid Change Auditor for Active Directory license. You are not prevented you from using these features; however, associated events or protection are not captured and enforced unless the proper license is applied.


	NOTE: To hide unlicensed Change Auditor features from the Administration Tasks tab (including unavailable audit events throughout the client), use the Action \| Hide Unlicensed Components menu command. Note that this command is only available when the Administration Tasks tab is the active page.

Table 1. Change Auditor for Active Directory components and features

Component and Feature:

Administration Tasks Tab

Agent Configuration Page:

•

Event Logging - enable/disable event logging:

•

Active Directory

•

NOTE: See Custom Active Directory Object Auditing for information about enabling event auditing.

Auditing Task List:

•

Active Directory

•

•

Member of Group

•

•

NOTE: See Custom Active Directory Object Auditing, Custom Active Directory Attribute Auditing, Member of Group Auditing, or ADAM (AD LDS) Auditing for information about defining custom Active Directory auditing.

Protection Task List:

•

Active Directory

•

•

NOTE: See Active Directory Protection for more information about defining Active Directory object, ADAM object, and Group Policy object protection.

Event Details Pane

•

•

•

Type (AD events associated with groups)

•

Policy (Group Policy)

•

Section (Group Policy)

•

Item (Group Policy)

•

•

•

Simple Bind (AD)

•

Restore Value tool bar button

NOTE: See the Event Details Pane appendix for more information.

NOTE: See Custom Active Directory Searches and Reports for more information.

•

Configuration Monitoring

•

Connection Object

•

Custom AD Object Monitoring

•

Custom Computer Monitoring

•

Custom Group Monitoring

•

Custom User Monitoring

•

•

•

Domain Configuration

•

Dynamic Access Control

•

Forest Configuration

•

•

Group Policy Item

•

Group Policy Object

•

•

NETLOGON Service

•

•

Organizational Unit (OU)

•

Replication Transport

•

Schema Configuration

•

Site Configuration

•

Site Link Bridge Configuration

•

Site Link Configuration

•

•

Count of Events by:

•

Subsystem | Active Directory | Attributes

•

Subsystem | Active Directory | Object

•

Subsystem | Active Directory | Object Class

•

Subsystem | Group Policy

Search Properties

•

Subsystem | Active Directory

•

Subsystem | ADAM (AD LDS)

•

Subsystem | Group Policy

•

NOTE: See Custom Active Directory Searches and Reports for information about using the What tab to create custom Active Directory search queries.

Built-in Reports:

•

All reports that include the events in the facilities listed above.

Alert Body Configuration Dialog - Event Details Tab

Variables (email tags):

•

AD_SAMACCOUNTNAME

•

•

AD_FAILURE_REASON

•

•

AD_USERPRINCIPALNAME

•

ADAM_CONFIGURATIONSET

•

ADAM_INSTANCENAME

•

ADAM_INSTANCEPORT

•

ADAM_PARTITIONNAME

•

GPO_POLICYCANONICAL

•

•

•

GPO_POLICYSECTION

NOTE: See the Quest Change Auditor User Guide for a description of these email tags and how to configure alert email notifications.

セルフ・サービス・ツール: ナレッジベース; 通知および警告; 製品別サポート; ソフトウェアのダウンロード; 技術文書; ユーザーフォーラム; ビデオチュートリアル; RSSフィード

お問い合わせ: ライセンスアシスタンスの取得; Technical Support; すべて表示

関連ドキュメント

The document was helpful.

評価を選択

I easily found the information I needed.

評価を選択

© ALL RIGHTS RESERVED. 利用規約プライバシー Cookie Preference Center