立即与支持人员聊天
与支持团队交流

Change Auditor for Active Directory 7.0.2 - User Guide

Change Auditor for Active Directory Overview
Introduction
Deployment Requirements
Client Components and Features

Introduction

Quest Change Auditor for Active Directory drives the security and control of Microsoft Active Directory by tracking vital configuration changes in real-time. From GPO and schema to critical group and operational changes, Change Auditor for Active Directory tracks, audits, reports, and alerts on changes that impact your directory without the overhead costs of native auditing.

In addition, Change Auditor for Active Directory allows you to lock down critical Active Directory, ADAM (AD LDS), and Group Policy Objects, to protect them from unauthorized or accidental modifications or deletions.

You can also track on Azure Active Directory changes. Change Auditor correlates activity across the on-premises and cloud environment making it easy to search all events regardless of where they occurred. For more information, see the Change Auditor for Office 365 and Azure Active Directory Auditing User Guide.

To ensure Active Directory compliance, you can automatically generate intelligent and in-depth reports, protecting you against policy violations and avoiding the risks and errors associated with day-to-day modifications. For fast troubleshooting, you always get the original and current values.

* 
NOTE: Active Directory auditing and protection are only available if you have licensed Change Auditor for Active Directory. If you do not have a valid license you can use the features, however, associated events are not captured. To verify that it is licensed, right-click the coordinator icon in the system tray and select Licensing.

For information on the core functionality available in Change Auditor ee the Change Auditor Installation Guide
For event details, see the Change Auditor for Active Directory Event Reference Guide.

Deployment Requirements

For a successful deployment, ensure that your environment meets the minimum system requirements. For information about system requirements, see the Change Auditor Release Notes. For details on installing Change Auditor, see the Change Auditor Installation Guide.

Client Components and Features

The following table lists the client components and features that require a valid Change Auditor for Active Directory license. You are not prevented you from using these features; however, associated events or protection are not captured and enforced unless the proper license is applied.

* 
NOTE: To hide unlicensed Change Auditor features from the Administration Tasks tab (including unavailable audit events throughout the client), use the Action | Hide Unlicensed Components menu command. Note that this command is only available when the Administration Tasks tab is the active page.
 
Table 1. Change Auditor for Active Directory components and features
Page
Component and Feature:

Administration Tasks Tab

Agent Configuration Page:
Event Logging - enable/disable event logging:
Active Directory
ADAM (AD LDS)
NOTE: See Custom Active Directory Object Auditing for information about enabling event auditing.

Auditing Task List:
Active Directory
Attributes
Member of Group
ADAM (AD LDS)
Attributes
NOTE: See Custom Active Directory Object Auditing, Custom Active Directory Attribute Auditing, Member of Group Auditing, or ADAM (AD LDS) Auditing for information about defining custom Active Directory auditing.

Protection Task List:
Active Directory
ADAM (AD LDS)
Group Policy
NOTE: See Active Directory Protection for more information about defining Active Directory object, ADAM object, and Group Policy object protection.

Event Details Pane

What Details:
Class (AD)
Object (AD)
Type (AD events associated with groups)
Policy (Group Policy)
Section (Group Policy)
Item (Group Policy)
SSL/TLS (AD)
Kerberos (AD)
Simple Bind (AD)
Port (AD)

Restore Values tool bar button

NOTE: See the Event Details Pane appendix for more information.
NOTE: See Searches and reports for more information.

Events

Facilities:
Configuration Monitoring
Connection Object
Custom AD Object Monitoring
Custom Computer Monitoring
Custom Group Monitoring
Custom User Monitoring
DNS Service
DNS Zone
Domain Configuration
Dynamic Access Control
Forest Configuration
FRS Service
Group Policy Item
Group Policy Object
IP Security
NETLOGON Service
NTDS Service
Organizational Unit (OU)
Replication Transport
Schema Configuration
Site Configuration
Site Link Bridge Configuration
Site Link Configuration
Subnets
SYSVOL

Overview Page

Count of Events by:
Subsystem | Active Directory | Attributes
Subsystem | Active Directory | Object
Subsystem | Active Directory | Object Class
Subsystem | Group Policy

Search Properties

What Tab:
Subsystem | Active Directory
Subsystem | ADAM (AD LDS)
Subsystem | Group Policy
Object Class
NOTE: See Custom Active Directory Searches and Reports for information about using the What tab to create custom Active Directory search queries.

Searches Page

Built-in Reports:
All reports that include the events in the facilities listed above.

Alert Body Configuration Dialog - Event Details Tab

Variables (email tags):
AD_SAMACCOUNTNAME
AD_USERMAIL
AD_USERPRINCIPALNAME
ADAM_CONFIGURATIONSET
ADAM_INSTANCENAME
ADAM_INSTANCEPORT
ADAM_PARTITIONNAME
GPO_POLICYCANONICAL
GPO_POLICYITEM
GPO_POLICYNAME
GPO_POLICYSECTION
NOTE: See the Quest Change Auditor User Guide for a description of these email tags and how to configure alert email notifications.

 

 

自助服务工具
知识库
通知和警报
产品支持
下载软件
技术说明文件
用户论坛
视频教程
RSS订阅源
联系我们
获得许可 帮助
技术支持
查看全部
相关文档

The document was helpful.

选择评级

I easily found the information I needed.

选择评级