지금 지원 담당자와 채팅
지원 담당자와 채팅

Change Auditor for Active Directory 7.2 - User Guide

Change Auditor for Active Directory Overview Custom Active Directory Searches and Reports Custom Active Directory Object Auditing Custom Active Directory Attribute Auditing Member of Group Auditing Active Directory Federation Services Auditing ADAM (AD LDS) Auditing Active Directory Database Auditing Active Roles Integration Quest GPOADmin Integration Active Directory Protection Event Details Pane

Introduction

Using custom attribute auditing, you can specify individual schema attributes to audit and assign a severity to the audited attributes. A new event will be added for each attribute selected for auditing. Once set, these events are identified with “Custom” in the facility name.

* 
NOTE: Starting with Change Auditor 5.6, the attributes that can be set using the User Properties dialog in Active Directory Users and Computers (ADUC) are audited by default. If you have added custom attribute auditing for any of these attributes, you will receive two events when changes to these user attributes are made:
A Custom User Monitoring event for the built-in user attribute event.
A Custom AD Object Monitoring event for the custom attribute event (user attribute specified on Active Directory Attribute Auditing page).

To eliminate duplicate events, you can remove the user attribute from the Active Directory Attribute Auditing page which will prevent the custom attribute event from being generated.

* 
NOTE: Change Auditor does not audit ‘constructed’ attributes, which are built from other normal attributes. To audit the changes made to these attributes, you need to audit the normal attributes associated with a constructed attribute.
* 
NOTE: To use custom attribute auditing, you must be logged in to Change Auditor with an account with Enterprise Admin privileges.

Active Directory Attribute Auditing page

The Active Directory Attribute auditing page displays when you select Active Directory | Attributes from the Auditing task list in the navigation pane of the Administration Tasks page. From here you can specify individual schema attributes to audit and assign the severity.

This page consists of the following information/controls:

* 
NOTE: Authorization to use the administration tasks on the Administrations Tasks tab is defined using the Application User Interface page under the Configuration task list. If you are denied access to the tasks on this page, see the Quest Change Auditor User Guide for information on how to gain access.
Attributes list
The list box located across the top of this page lists the object classes that can be selected to define attribute auditing. It contains the object classes selected on the Attributes Auditing page.
In addition to the name of the object class, the assigned severity and number of custom attributes selected for auditing within each object class are also displayed.
* 
NOTE: The default set of attributes (added, moved, removed and renamed) are always being audited, but they are not included in the Monitored Attributes count on this page. This count only includes the custom attributes selected for auditing.
Selecting an entry in this list, will populate the list boxes across the bottom of the dialog with the applicable attributes.
Unmonitored Attribute list
The list box located in the lower left-hand pane of this page displays the attributes that are currently NOT being audited by Change Auditor for the schema class selected in the Attributes list.
Monitored Attribute list
The list box located in the lower right-hand pane contains the attributes that are currently selected for auditing by Change Auditor for the schema class selected in the Attributes list.
In addition to the attribute, the assigned severity is also displayed. To change the severity level assigned to an attribute, place your cursor in the Severity cell and use the drop-down arrow to select the severity you want to assign to the selected attribute.
Add
Select one or more attributes from the Unmonitored Attribute list and click Add to select them for auditing. The selected attributes are moved to the Monitored Attribute list box.
* 
NOTE: You can also double-click an attribute to select it for auditing or ‘drag and drop’ it into the Monitored Attribute list.
Remove
Select one or more attributes from the Monitored Attribute list and click Remove to remove them from auditing. The selected attributes are moved back to the Unmonitored Attribute list box.
* 
NOTE: You can also double-click an attribute to remove it from auditing or ‘drag and drop’ it back into the Unmonitored Attribute list.

Custom Active Directory attribute auditing

To define custom attribute auditing:
1
Open the Administration Tasks tab.
2
Click Auditing.
3
Select Attributes under Active Directory in the Auditing task list.
4
Select an object class from the list located across the top of this page. (This list box contains the default object classes and the object classes selected on the Active Directory Auditing page.)
Selecting an entry in this list will populate the lists across the bottom of the dialog with the applicable attributes.
If your current installation includes a foreign forest, the Select Foreign Forest dialog opens where you can select the required forest.
5
In the Unmonitored Attribute list, located in the lower left pane of this page, select one or more attributes and click Add to select them for auditing.
You can also double-click an attribute to select it for auditing or ‘drag and drop’ it into the Monitored Attribute list.
6
To change the severity level assigned to an attribute, in the right-hand list box, place your cursor in the Severity cell and use the drop-down arrow to select the severity you want to assign to the selected attribute.
7
To remove an attribute from auditing, select the attribute from the right-pane and click Remove. This moves the selected attribute back into the Unmonitored Attribute list.
You can also double-click an attribute to remove it from auditing or ‘drag and drop’ it back into the Unmonitored Attribute list.
8
Once you have selected at least one attribute for auditing, the associated Monitored Attributes column in the list box across the top of this page will display the number of attributes selected for auditing. This value will also be displayed in the Monitor Attributes column back on the Active Directory Auditing page.

 

Member of Group Auditing
Introduction
Member of Group Auditing page
Member of Group auditing list
Member of Group Auditing wizard
관련 문서

The document was helpful.

평가 결과 선택

I easily found the information I needed.

평가 결과 선택