Chat now with support
Chat with Support

Change Auditor for Active Directory 7.0.4 - User Guide

ADAM (AD LDS) Auditing

Introduction

Change Auditor allows you to monitor Active Directory Application Mode (ADAM) and Active Directory Lightweight Directory Services (AD LDS) events. AD LDS provides directory services for directory-enabled applications without a risk compromising your Active Directory database.

NOTE: There are some special installation considerations for auditing ADAM (AD LDS) on workgroup servers. Refer to the Installing Change Auditor to Monitor ADAM (AD LDS) on Workgroup Servers appendix in the Change Auditor Installation Guide for more information.

To audit ADAM (AD LDS), you must first define the ADAM instances, the directory objects or containers, the object classes and optionally the individual attributes through the following pages on the Administration Tasks tab:

 

ADAM (AD LDS) Auditing page

The ADAM (AD LDS) Auditing page contains a list of ADAM (AD LDS) instances and the associated object classes selected for auditing. This page displays when you select ADAM (AD LDS) from the Auditing task list in the navigation pane of the Administration Tasks tab.

The ADAM (AD LDS) Auditing page contains an expandable view of the ADAM (AD LDS) instances selected for auditing. The view groups the information by agent, which can be expanded to view the object classes and monitored attributes. To add an instance to this list, click Add. Once added, the following information will be displayed:

The page consists of the following information/controls:

In addition to the attribute, the assigned severity is also displayed. To change the severity level assigned to an attribute, place your cursor in the Severity cell and use the drop-down arrow to select the severity you want to assign to the selected attribute.
Select one or more attributes from the Unmonitored Attribute list and click Add to select them for auditing. The selected attributes will be moved to the Monitored Attribute list box.
Select one or more attributes from the Monitored Attribute list and click Remove to remove them from auditing. The selected attribute will then be moved back to the Unmonitored Attribute list box.

Enable ADAM (AD LDS) auditing

2
Click Auditing.
3
Select ADAM (AD LDS) in the Auditing task list.
4
Click Add to open the ADAM (AD LDS) Auditing wizard.
8
After selecting one or more object classes, click Finish to save your selection and close the wizard.
9
On the Administration Tasks tab, select ADAM (AD LDS) | Attributes in the Auditing task list to open the ADAM (AD LDS) Attribute Auditing page.
11
In the Unmonitored Attribute list, located in the lower left-hand pane of this page, select one or more attributes and click Add to select them for auditing. The selected attributes will be moved to the Monitored Attribute list.
12
To change the severity level assigned to an attribute, in the Monitored Attribute list, place your cursor in the Severity cell, click the arrow control and select the severity you want to assign to the selected attribute.
13
To remove an attribute from auditing, select the attribute in the Monitored Attribute list and click Remove. The selected attribute will then be moved back into the Unmonitored Attribute list.
Related Documents