Quick start

• Overview
• System requirements
• Prerequisites
• Deploying ADAudit Plus
• Configure components in ADAudit Plus
• Related documentation

Architecture

• Architecture

Active Directory

Active Directory auditing

• Overview
• Configure AD domains and DCs
  • Automatic configuration
  • Manual configuration
• Configure audit policies
  • Automatic configuration
  • Manual configuration
• Configure object level auditing
  • Automatic configuration
  • Manual configuration
• Configure event log settings
• Troubleshooting

ADFS auditing

• Overview
• Configure AD FS servers in ADAudit Plus
• Configure audit policies
  • Automatic configuration
  • Manual configuration
• Configure AD FS servers for auditing
  • Enable auditing
  • Configure claims
  • Configure extranet lockout
• Troubleshooting

Group policy object auditing

• Overview
• Configure domain controllers
• Configure the audit policies
  • Automatic process
  • Manual process
• Configure object level auditing
  • Automatic process
  • Manual process
• Configure event log settings
• Install Group Policy Management Console

Azure AD configuration

• Overview
• Feature comparison: Azure App vs. M365
• Configuring Azure AD in ADAudit Plus
  • Using an Azure AD Premium license
  • Using a Microsoft 365 license
• Reporting capabilities of ADAudit Plus
  • ADAudit Plus vs. Azure portal
  • ADAudit Plus vs. PowerShell cmdlets
• Event categories tracked
• Log retention settings in Azure AD
• Troubleshooting

Azure AD DS auditing

• Overview
• Reporting capabilities of ADAudit Plus
• Azure AD DS configuration
• Configure Azure AD DS in ADAuditPlus
• Troubleshooting

Windows Server

Windows server auditing

• Overview
• Configure Windows servers
  • Using product console
  • Using command line arguments
• Configure audit policies
  • Automatically
  • Manually
• Configure event log settings
• Troubleshooting

Removable storage auditing

• Overview
• Configure USB Auditing
• Troubleshooting

File integrity monitoring

• Overview
• Configure FIM in ADAudit Plus
• Configure audit policies
  • Automatic configuration
  • Manual configuration
• Configure object-level auditing
  • Using Windows shares
  • Using PowerShell cmdlets
  • Using Global Object Access Auditing settings 
• Exclude configuration
• Configuring event log settings

PowerShell auditing guide

• Overview
• Configure PowerShell in ADAudit Plus
• Configure audit policies
  • Automatic configuration
  • Manual configuration
• Configure event log settings
• Troubleshooting

User session recording

• Overview and steps

File Server

Windows file server auditing

• Overview
• Supported systems
• Configure Windows file servers
  • One server at a time
  • In bulk
• Configure audit policies
  • Automatic configuration
  • Manual configuration
• Configure object-level auditing
  • Automatic configuration
  • Manual configuration
• Configure security log size and retention settings
• Exclude configuration
• File Analysis
• Troubleshooting

EMC server auditing

• Overview
• Privileges required
• Adding EMC servers
• Configure audit policies
• Configure event log settings
• Configure object-level auditing
  • Automatic configuration
  • Manual configuration
• Exclusion configuration
• Troubleshooting

EMC Isilon auditing

• Overview
• Privileges required
• Configure EMC Isilon auditing
• Add EMC Isilon clusters
• Exclude configuration
• Troubleshooting

Synology auditing

• Overview
• Configure Synology NAS auditing
• Exclude Configuration feature
• Troubleshooting

Huawei OceanStor Auditing

• Overview
• Huawei OceanStor V5 series
  • Minimum privileges required
  • Configuration prerequisites
  • Enabling auditing
• Huawei OceanStor 9000 V5
  • Minimum privileges required
  • Configuration prerequisites
  • Enabling auditing
• Huawei OceanStor Dorado All-Flash Storage and OceanStor Hybrid Flash Storage
  • Minimum privileges required
  • Configuration prerequisites
  • Enabling auditing
• Adding devices in ADAudit Plus
• Exclude configuration
• Troubleshooting

NetApp filer auditing

• Overview
• Adding NetApp 7Mode/vFiler CIFS server
• Configure audit policies
  • Automatic configuration
  • Manual configuration
• Configure object-level auditing
  • Automatic configuration
  • Manual configuration
• Exclude Configuration
• Troubleshooting

NetApp cluster auditing

• Overview
• Configuration prerequisites
• Configure NetApp cluster auditing
  • Adding the target cluster
  • Adding the target shares
  • Configuring audit options
• Exclude Configuration

Hitachi NAS auditing

• Overview
• Privileges required
• Add a Hitachi NAS server
• Configure audit policies
• Configure object-level auditing
• Exclude Configuration
• Troubleshooting

Amazon FSx auditing guide

• Overview
• Prerequisites
• Configure audit policies
• Configure object-level auditing
• Configure Amazon FSx in ADAudit Plus
• Troubleshooting

Windows workstation auditing

• Overview
• Configure windows workstations
  • Using product console
  • Using command line arguments
• Configure audit policies
  • Automatic Process
  • Manual Process
• Configure event log settings
• Troubleshooting

Event collection troubleshooting

• Overview
• Errors and solutions
  • Domain errors
  • Report based errors
  • General errors
  • NetApp filer errors
  • EMC errors
  • Synology errors
  • Hitachi errors

Migration

• PostgreSQL/MySQL to MS SQL Migration
• Migrate data between different versions of MS SQL
• MySQL/MS SQL to PostgreSQL Migration
• Move ADAudit Plus from one server/drive to another
• Convert ADAudit Plus from 32-bit to 64-bit architecture
• Backup and restore

Security

Security specifications

• Overview
• Potential vulnerabilities
• Security specifications

Security hardening

• Security hardening

Product configuation

Service account configuration

• Overview
• New user, group, and GPO creation
• Privileges required
  • For event log collection
  • For automatic audit policy and object level auditing configuration
  • For file server auditing
  • For DataEngine
  • Other privileges

SSL configuration

• Overview
• Enable SSL
• Glossary

Security log settings

• Security Log Settings

Agent configuration

• Overview
• Installation prerequisites
• Agent installation
  • Install agent via ADAudit Plus' UI
  • Install agent manually
• Agent security settings
• Agent configuration sync
• Upgrade the agent
• Agent uninstallation
• Troubleshooting
• Errors and solutions

Single sign-on

• NTLM authentication
  • To enable NTLM-based single sign-on
  • To modify existing single sign-on settings
  • Troubleshooting steps for NTLM-based SSO
• SAML authentication
  • Configure SSO using Okta
  • Configure SSO using OneLogin
  • Configure SSO using Ping Identity
  • Configure SSO using ADFS
  • Configure SSO using a custom identity provider
  • Troubleshooting tips for SAML-based SSO

Ports

• Product and System Ports

2FA configuration

• Overview
• Enable 2FA in ADAudit Plus
• Authentication modes
  • Email Verification
  • SMS Verification
  • Google Authenticator
  • RSA SecurID
  • Duo Security
  • RADIUS Authentication
• Set a preferred authentication mode
• Reset the second authentication factor

Virtual IP address settings

• Virtual IP address settings

High availability configuration

• Overview
• High availability workflow
• Prerequisites
• High availability setup

Email server configuration

• Overview
• SMTP mail server configuration
• API mail server configuration

Automatic configuration

• Add/Remove devices and shares