Other privileges/permissions required

  • Grant the user Read permission over the SYSVOL folder:
  • Read permission over the SYSVOL folder is needed for GPO Settings change auditing.
    Log in to your Domain Controller with Domain Admin privileges → Locate the SYSVOL folder → Right click → Properties → Security → Edit →Add the "ADAudit Plus" user → Provide both Share and NTFS, Read permission.

    active-directory-audit-other-privileges-permissions-required
  • Grant the user Full control over the product installation folder
  • Full control over the product installation folder is needed for ADAudit Plus to write in the database.

    Log in to the computer where ADAudit Plus is installed with Domain Admin privileges→ Locate the product installation folder → Right click → Properties → Security → Edit →Add the "ADAudit Plus" user and provide full control.

  • Grant the user Full control over ADAudit Plus' archive folder:
  • Full control over the archive folder is needed for storing and retrieving archived data from the database.

    To find out the location of the Archive Folder:Open ADAudit Plus → Admin → Archive Events → Scroll down to see the location.

    active-directory-audit-other-privileges-permissions-required-2

    Log in to target computer with Domain Admin privileges → Locate the folder → Right click on the folder → Properties → Security → Edit →Add the ADAudit Plus User → Provide both Share and NTFS, Full control permission.

  • Grant the user Full control over all ADAudit Plus Scheduled Reports folders:
  • Full control over a Scheduled Reports folder is needed for saving the scheduled report in the specified location.

    To find out the location of a Scheduled Reports Folder: Open ADAudit Plus → Admin → Schedule Reports → Modify Schedule Report → Scroll down to see the location.

    Log in to target computer with Domain Admin privileges → Locate the folder → Right click on folder → Properties → Security → Edit →Add the ADAudit Plus User → Provide both Share and NTFS, Full control permission.Repeat the steps on all Schedule Reports folders.

  • Grant the user Read and Execute permission over all ADAudit Plus' Alert Script folders:
  • Read and Execute permissions on a alert script folder is needed for executing script files once an alert gets triggered.

    To find out the location of a Folder:Open ADAudit Plus → Configuration → Modify Alert Profile → Scroll down to see the location.

    Log in to target computer with Domain Admin privileges → Locate the folder → Right click on folder → Properties → Security → Edit → Add the ADAudit Plus User → Provide both share and NTFS, Read and Execute permissions.Repeat the steps on all Alert Script folders.

  • Steps to provide 'Read' permission for DNS object.
  • Login to your Domain Controller with Domain Admin privileges → Open Active Directory Users and Computers → Navigate to Domain → System

    active-directory-audit-other-privileges-permissions-required-read-permission

    Right click MicrosoftDNS container, go to 'Security' tab and add the service account.

    active-directory-audit-other-privileges-permissions-required-read-permission

    Give 'Read' permission to the service account.

    active-directory-audit-other-privileges-permissions-required-read-permission

我们的客户