Installation Considerations for Active Administrator
System requirements
Server hardware requirements
Server software requirements
SQL Server requirements
Console requirements
Audit agents requirements
Workstation logon audit agents requirements
Web Console requirements
System Center requirements
Port requirements
User privilege requirements
Active Administrator module requirements
Installing and configuring Active Administrator
Home
Search
Certificates
Security and Delegation
Active Directory Health
Active Directory Health minimum permissions
Required permissions for Active Directory Health
Active Administrator Data Services (ADS) requirements
Data collectors requirements
Auditing & Alerts
Group Policy
Active Directory Recovery
DC Management
DNS Management
Active Administrator Module Configuration
Active Directory Health module
Active Directory Health Module Configuration
Agents
Notifications
Troubleshooter
AFS service account minimum permissions
Diagnostic Console minimum permissions
Backing up your data
Installing Active Administrator server
Configuring the server
Appendix: Active Administrator Server Manager
To run the AA Configuration Wizard
Applying a license file
Using a passphrase
Setting the Active Administrator database
Setting the Active Administrator archive database
Configuring purge and archive settings
Storing Active Administrator data
Setting up features and the owner
Configuring active template delegation enforcement
Configuring group policy history
Configuring Active Directory backups
Configuring Active Administrator users
Configuring service accounts
Connecting to System Center Operations Manager and Enabling SNMP Notifications
Reviewing selections
Installing Active Administrator console
Setting up the console
Setting up workstation logon auditing
Using Active Administrator
Starting the Active Administrator Server Manager
Managing the Active Administrator Foundation and Data Services
Managing Security
Managing the passphrase
Managing Active Administrator file security
Managing Active Administrator database security
Recovering from a lost passphrase
Managing Notification Services
Web Server Configuration
Deploying the workstation logon audit agent
To enable workstation logon auditing
|
1 |
Select Configuration | User Logon Agent Settings. |
|
3 |
Click Save. |
To deploy the workstation logon agent from a GPO
|
• |
Copy ActiveAdministrator.admx to C:\Windows\PolicyDefinitions on a domain controller. |
|
• |
Copy ActiveAdministrator.adml to C:\Windows\PolicyDefinitions\en-US on a domain controller. |
|
• |
Copy Active Administrator 8.8 Workstation Audit Agent.msi to a share where everyone has access. |
|
4 |
Open the Group Policy Management Console (GPMC) and create a new Group Policy Object (GPO), such as Active Administrator Workstation Logon Agent. |
|
5 |
Edit the GPO. Navigate to Computer Configuration | Policies | Software Settings | Software installation, right click and choose New | Package. |
|
6 |
Select the Active Administrator 8.8 Workstation Audit Agent.msi package that you copied in step 2. |
|
7 |
|
8 |
On the same GPO, navigate to Computer Configuration | Administrative Templates | Quest Software | Active Administrator, and edit the Enable Workstation Audit Agent setting. |
|
• |
Select Enabled. |
|
• |
In the Server Name box, type the fully qualified domain name (FQDN) of the Active Administrator server. |
|
• |
In the Server Port box, type 15601. |
|
9 |
Enabling the default port
If Windows Firewall is enabled on the workstation where the workstation logon auditing agent is installed, you need to create an exception to allow communication with Active Administrator® Foundation Service (AFS) through port 15601.