2 |
Click Auditing. |
3 |
4 |
Click Add to open the Active Directory Auditing wizard, which steps you through the process of defining the objects and object classes to audit. |
6 |
If you selected the This Object, This Object and Child Objects Only, or This Object and All Child Objects option, use the Browse or Search pages to locate the directory object or container to audit. |
7 |
If you selected either the This Object and Child Objects Only or This Object and All Child Objects option, select Next to define the object classes to audit. |
8 |
After selecting the Active Directory objects (and object classes) to audit, click Finish to save your selection, close the wizard and return to the Active Directory Auditing page. |
2 |
4 |
If you selected the This Object, This Object and Child Objects Only, or This Object and All Child Objects option, use the Browse or Search pages to locate the directory object or container to audit. |
5 |
If you selected either the This Object and Child Objects Only or This Object and All Child Objects option, select Next to define the object classes to be audited. |
6 |
After selecting the Active Directory objects (and object classes) to audit, click Finish to save your selection, close the wizard and return to the Active Directory Auditing page. |
2 |
Click Finish to save your selection, close the wizard and return to the Active Directory Auditing page. |
1 |
On the Active Directory Auditing page, place your cursor in the Status cell for the required object, click the arrow control, and select Disabled. |
2 |
2 |
Click Yes to confirm the deletion. |
1 |
On the Active Directory Auditing page, select the required object class and click Delete | Delete Object Class. |
2 |
Click Yes to confirm the deletion. |
The Active Directory Auditing wizard opens when you select Add or Add | Select Multiple Objects on the Active Directory auditing page. This wizard steps you through the process of defining the custom Active Directory objects to audit.
The following table provides a description of the available fields and controls:
Create or modify Active Directory Auditing page: On the first page of the wizard, select the Active Directory object to audit. | |
Select the appropriate option to specify the scope of coverage (Enterprise is selected by default): Enterprise - to audit the entire enterprise This Object - to audit an individual object This Object and Child Objects Only - to audit an object and its direct child objects This Object and All Child Objects - to audit an object and all of its subordinate objects (all levels) When an option other than Enterprise is selected, the Browse and Search pages allow you to locate and select the Active Directory objects to audit. | |
If you used the Add | Select Multiple Objects option, once you have selected an object, click Add to add it to the list. | |
Use the controls at the top of the Search page to locate an Active Directory object. If you used the Add | Select Multiple Object option, once you have selected an account, click Add to add it to the list. | |
Use the Options page to modify the search options used to retrieve directory objects. | |
Select Object Classes Page: From here you can select at least one object class for auditing.
NOTE: This page is only displayed if the This Object and Child Objects Only or This Object and All Child Objects scope option is selected on the first page of the wizard. | |
Select one or more object classes from the UnAudited Object Class list and click Add to select them for auditing. The selected object classes will be moved to the Audited Object Class list. | |
Select one or more object classes from the Audited Object Class list and click Remove to remove them from auditing. The selected object classes will then be moved back to the UnAudited Object Class list. |
In addition to real-time event auditing, you can enable event logging to capture Active Directory events locally in a Windows event log. This event log can then be collected using InTrust® to satisfy long-term storage requirements.
For Active Directory events, event logging is disabled by default. When enabled, all Active Directory activity is sent to the InTrust for AD event log. See the Quest Change Auditor for Active Directory Event Reference Guide for a list of the events that can be sent to this event log.
2 |
Click Configuration. |
3 |
Select Agent in the Configuration task list to display the Agent Configuration page. |
4 |
Click Event Logging. |
5 |
On the Event Logging dialog, select Active Directory. |
6 |
Click OK to save your selection and close the dialog. |
© ALL RIGHTS RESERVED. Terms of Use Privacy Cookie Preference Center