The importance of auditing the Active Directory can be proved with a single fact that doing this will help to maintain the security and integrity of the IT infrastructure in an organization. However, auditing using the traditional Windows native tools is a time consuming and difficult process. It becomes more cumbersome when the auditor has to deal with the difficult-to-understand event details. Moreover, each domain has to be monitored separately and it increases the consumption of time and resources. Indeed, there should be a solution to centralize the auditing on all domains and that too in a user-friendly manner. With these features and much more, LepideAuditor for Active Directory (LAAD) comes up as a preferred solution to audit the AD. In this blog post, we’ll discuss how you can audit the Active Directory objects using this tool.
You can install the software on any domain or even in a Workgroup computer and you’re free to add the multiple domains (whether same or different) available in your network.
In addition to auditing, this Lepide product also creates the snapshots of the states of the objects periodically, which can be used to reinstate the previous working states of the AD objects.
Adding a Domain
The first step is to add a domain in LepideAuditor for Active Directory. For adding a domain, go the “Settings” tab and click “Domain Management” button in the Left Hand Section. Click on the “Add” button for adding a domain, of which auditing you’ve to conduct. This will display the following dialog box
Figure: Add Domain dialog box
Provide the necessary inputs like Domain Name/IP Address of the domain, Username, and Password. You can also click on the “Discover Domain” button to list all the domains and select anyone of them. It is required to provide the credentials for an Administrator. Usage of agent is optional, still it’s required to collect the data in a better manner. Click “OK” button once you’re done. In the Dashboard, a tab will be created for each added domain.
Click “Change Collection Management” option in the Left Hand Panel. This will display the window containing the options, which’re displayed in the following image.
Figure: Collection Management
Here, you can modify the time interval after which the software should collect the data from the added domain(s) automatically. You can also specify the duration after which a snapshot of the states of the Active Directory objects will be created.
Switch to the “Email Management” option to add your email server using which the software will email the scheduled reports and real-time alerts to the intended recipients. Click on the “Add” button located in the Right Hand Panel and this will display the following dialog box.
Figure: Add Email Account
Here, you’ve to provide the details like Login name (email ID), password, SMTP Server Name (Outgoing server), SMTP server port, your email address, and Display name. If...