The ADAM (AD LDS) Protection wizard displays when you click Add or Edit on the ADAM (AD LDS) protection page. From the wizard, you can define the ADAM objects and attributes to protect from unauthorized modifications.
The following table provides a description of the available fields and controls:
Select ADAM (AD LDS) instance page: The first page of the wizard displays a list of ADAM (AD LDS) instances running a Change Auditor agent in your environment. | |||||
This list includes the following information about each ADAM (AD LDS) instance listed:
| |||||
Select ADAM (AD LDS) Objects to Protect page: On this page, enter a name for the template and select the objects to be protected. | |||||
After you have selected an object, click Add to add it to the list. | |||||
After you have selected an object, click Add to add it to the list. | |||||
| |||||
By default, the create, modify attributes and delete operations are selected. To change this setting, use the drop-down arrow in the Denied Operations cell and select or clear operations. | |||||
By default, the scope of coverage is set to This object only. To change this setting, use the drop-down menu in the Scope cell to select a different scope. | |||||
(Optional) Select Attributes to Protect page: By default all attributes for the selected objects will be protected. However, you can use this page to protect individual attributes or to exclude individual attributes from protection. | |||||
Use to move the attributes selected in the Attributes list over to the Selected Attributes list. | |||||
Selected Attributes list |
The list box to the right displays the attributes to be included in the protection template. | ||||
Use the Browse or Search page to select the user or group accounts. | |||||
Use the Browse or Search page to select the user or group accounts. | |||||
After you have selected an account, click Add to add it to the list. | |||||
After you have selected an account, click Add to add it to the list. | |||||
Use to modify the search options used to retrieve directory objects. | |||||
|
This page displays when you select Active Directory Database from the Protection task list in the navigation pane of the Administration Tasks tab. From here, you can start the Active Directory Database protection wizard to define your Active Directory Database protection template to protect your Active Directory database from unauthorized access. You can also edit existing templates, disable and enable templates, and remove templates that are no longer being used.
Once added, the following information is provided for each template:
1 |
Open the Administration Tasks tab. |
2 |
Click Protection. |
3 |
Select Active Directory Database in the Protection task list. |
4 |
Click Add to open the Active Directory Database Protection wizard. |
7 |
Select one or more processes from the process list and click Add to move these processes to the exclusion list. By default, all processes (except lsass.exe) will be protected from accessing the Active Directory database. |
8 |
Click Finish or Finish and Assign to Agent Configuration to assign the template to an Agent Configuration immediately. |
• |
On the Agent Configuration page, select the agents assigned to use the modified agent configuration and click Refresh Configuration to ensure the agents are using the latest configuration. |
1 |
On the Active Directory Database Protection page, select the required template and click Edit. This opens the Active Directory Database Protection wizard where you can modify the current settings. |
2 |
Click Finish to save your changes and return to the Active Directory Database Protection page. |
Disabling a template temporarily stops protection without having to remove the protection template.
2 |
To enable the protection template, select Enable in the Status cell. |
1 |
On the Active Directory Database Protection page, select the required template and click Delete | Delete Template. |
2 |
Click Yes to confirm. |
© ALL RIGHTS RESERVED. Terms of Use Privacy Cookie Preference Center