Support
 
Phone Get Quote
 
Support
 
US: +1 888 720 9500
US: +1 888 791 1189
Intl: +1 925 924 9500
Aus: +1 800 631 268
UK: 0800 028 6590
CN: +86 400 660 8680

Direct Inward Dialing: +1 408 916 9892

 

FAQ

  1. How do I verify if the desired audit policies are configured?

    Log in to any computer that has the GPMC with Domain Admin credentials. Open the GPMC, right-click Group Policy Results, and open the Group Policy Results Wizard. Select the computer and user (current user), then verify if the desired settings defined in step 2.2 are configured.

  2. How do I verify if the desired events are getting logged?

    Log in to any computer with Domain Admin credentials. Open Run, and type eventvwr.msc. Right-click on Event Viewer. Connect to the target computer, then verify if events corresponding to the configured audit policies are getting logged. For example, Event ID 1200 should get logged when Success audit events is configured under the Audit Application Generated Subcategory, under the Object Access Category (refer to step 2.2.1).

  3. What do I do if:

    • AD FS logon success and failure data is unavailable? 

      • Check if audit policies (refer to step 2.2.1) and AD FS auditing (refer to step 3.1) are configured.
    • Primary SID, UPN, Client IP, Inside Corporate Network, Proxy or Forwarded Client IP data is unavailable? 

      • Check if the corresponding claim rules have been configured (refer to step 3.2).
    • Extranet lockout data is unavailable? 

      • Check if extranet lockout settings have been configured (refer to step 3.3).

    Log in to any computer that has the GPMC with Domain Admin credentials. Open the GPMC, right-click Group Policy Results, and open the Group Policy Results Wizard. Select the computer and user (current user), then verify if the desired settings defined in step 2.2 are configured.

  4. How do I verify if the desired audit policies are configured?

    Log in to any computer that has the GPMC with Domain Admin credentials. Open the GPMC, right-click Group Policy Results, and open the Group Policy Results Wizard. Select the computer and user (current user), then verify if the desired settings defined in step 2.2 are configured.

ADAudit Plus Trusted By

A single pane of glass for complete Active Directory Auditing and Reporting