Go Up
You are here: DeploymentConfigure IT InfrastructureActive DirectoryActive Directory: Manual Configuration

Active Directory: Manual Configuration

To configure your domain for monitoring manually, you will need:

  • Group Policy Management Console — if you plan to perform configuration steps from a Domain Controller

-or -

  • ADSE Edit - if you plan to perform configuration steps from a server other than Domain Controller.

NOTE: If these tools are not installed, refer to related sections:

Take the following configuration steps:

  1. Configure effective domain controllers policy (by default, Default Domain Controllers Policy). See Configure Basic Domain Audit Policies or Configure Advanced Audit Policies for details.
  2. Configure Object-Level Auditing
  3. Adjusting Security Event Log Size and Retention Settings
  4. Enable Secondary Logon Service
  5. If you have an on-premises Exchange server in your Active Directory domain, consider that some changes to AD can be made via that Exchange server. To be able to audit and report who made those changes, you should Configure Exchange Administrator Audit Logging Settings

Optionally, you can Adjust Active Directory Tombstone Lifetime.

Also, remember to do the following for AD auditing:

  1. Configure Data Collecting Account, as described in Configure Data Collecting Account
  2. Configure required protocols and ports, as described in Protocols and Ports Required for Monitoring Active Directory, Exchange, and Group Policy section.

Go Up