Change Auditor for Active Directory 7.0.2 - User Guide

Change Auditor for Active Directory Overview

Introduction

Quest Change Auditor for Active Directory drives the security and control of Microsoft Active Directory by tracking vital configuration changes in real-time. From GPO and schema to critical group and operational changes, Change Auditor for Active Directory tracks, audits, reports, and alerts on changes that impact your directory without the overhead costs of native auditing.

In addition, Change Auditor for Active Directory allows you to lock down critical Active Directory, ADAM (AD LDS), and Group Policy Objects, to protect them from unauthorized or accidental modifications or deletions.

You can also track on Azure Active Directory changes. Change Auditor correlates activity across the on-premises and cloud environment making it easy to search all events regardless of where they occurred. For more information, see the Change Auditor for Office 365 and Azure Active Directory Auditing User Guide.

To ensure Active Directory compliance, you can automatically generate intelligent and in-depth reports, protecting you against policy violations and avoiding the risks and errors associated with day-to-day modifications. For fast troubleshooting, you always get the original and current values.

Deployment Requirements

For a successful deployment, ensure that your environment meets the minimum system requirements. For information about system requirements, see the Change Auditor Release Notes. For details on installing Change Auditor, see the Change Auditor Installation Guide.

Client Components and Features

The following table lists the client components and features that require a valid Change Auditor for Active Directory license. You are not prevented you from using these features; however, associated events or protection are not captured and enforced unless the proper license is applied.

NOTE: To hide unlicensed Change Auditor features from the Administration Tasks tab (including unavailable audit events throughout the client), use the Action | Hide Unlicensed Components menu command. Note that this command is only available when the Administration Tasks tab is the active page.

Administration Tasks Tab

Agent Configuration Page:

NOTE: See Custom Active Directory Object Auditing for information about enabling event auditing.

Auditing Task List:

Protection Task List:

NOTE: See Active Directory Protection for more information about defining Active Directory object, ADAM object, and Group Policy object protection.

Event Details Pane

What Details:

Restore Values tool bar button

NOTE: See the Event Details Pane appendix for more information.
NOTE: See Searches and reports for more information.

Events

Facilities:

Overview Page

Count of Events by:

Search Properties

What Tab:

NOTE: See Custom Active Directory Searches and Reports for information about using the What tab to create custom Active Directory search queries.

Searches Page

Built-in Reports:

Alert Body Configuration Dialog - Event Details Tab

Variables (email tags):

NOTE: See the Quest Change Auditor User Guide for a description of these email tags and how to configure alert email notifications.

 

 

自助服务工具
知识库
通知和警报
产品支持
下载软件
技术说明文件
用户论坛
视频教程
联系我们
获得许可 帮助
技术支持
查看全部
相关文档