Attack Surface Analyzer for servers and endpoints: Identify and remediate security misconfigurations by analyzing GPOs configured on servers and workstations, reducing the attack surface and improving security posture.
Azure Intune auditing: Track user activities, including new device enrollments, device and application changes, and policy creation across your Azure Intune environment.
Nutanix Files auditing: Gain visibility into all file activities within Nutanix Files.
CTERA Edge Filers auditing: Monitor file activities across your CTERA Edge Filers.
Windows LAPS auditing: Enhance security with auditing support for new Windows LAPS in ADAudit Plus.
Agent management: Use a single interface to get a centralized view of all installed agents across servers and endpoints with streamlined management options.
SSL certificate management: Apply SSL certificates for ADAudit Plus easily through the user interface and enhance security.
Enhancements
Agent self-upgrade: The ADAudit Plus agent can now upgrade automatically without a push request from the ADAudit Plus server, removing the need for admin access or RPC ports.
Real-time USB monitoring: The USB listener now operates in real-time, strengthening agent-based auditing of USB-related activities.
Microsoft Entra ID (formerly Azure AD) auditing: The User Logon Report now includes details that indicate whether a logon was interactive, non-interactive, service principal, or managed identity.
Centralized auditing control: Enable or disable auditing across all workstations and member servers simultaneously.
Force SAML SSO: Ensure technician users can only access ADAudit Plus via SAML SSO for enhanced security.
Scheduled Reports customization: Improved customization options for report frequency.
Alerts module optimization: Performance enhancements for better alert processing.
File access auditing optimization: Performance enhancements for processing file access audit data on failover file clusters.
Agent wrapper utility: Ensures continuous monitoring and automatic restarts if the agent gets stuck during event collection.
GPO Settings Report configuration: Access all configuration settings related to the GPO settings changes reports directly from the ADAudit Plus user interface.
Fixes
The license expiry email content has been updated for better clarity.
An issue that caused delays when updating credentials in ADAudit Plus' Domain Settings page has been fixed.
An issue with displaying AD CS sub-reports has been fixed.
Users inheriting the Technician role via group or OU membership will now appear on the Technician Settings page.
An issue causing sign-in errors in Microsoft Entra ID (formerly Azure AD) auditing that occurred during audit log collection in national cloud environments has been fixed.
A GPO link duplication issue with ADAudit Plus audit policy has been fixed.
An option to auto-add Member Servers and Workstations that have been manually disabled or deleted from ADAudit Plus has been provided.
A username filter has been added for the easier configuration of AD CS alerts.
File shares with successfully configured SACLs are no longer included in the Alert Me email notifications.
An array bound invalid issue during NetApp event collection has been fixed.
An issue with auditing Veritas file cluster has been fixed.
A license validation issue that occurred during print server addition for print job auditing has been fixed.
An issue preventing non-English file names from displaying correctly in Print job audit reports has been fixed.
An issue with file cluster node detection in Windows file cluster auditing has been fixed.
An issue with syncing audit settings from NetApp servers has been fixed.
Scheduled Reports now include specific error messages for 'File directory does not exist' and 'File Directory is not writable' to simplify troubleshooting.
In Custom Reports, new time-based filters (before 90 days and 12 months) have been introduced for the User Last Logon report.
The domain's DNS name will now be displayed instead of the domain's flat name on the ADAudit Plus web console's login page.
In Microsoft Entra ID (formerly Azure AD) auditing, the Recently Created Users report and its corresponding alert now contain details that indicate whether a user is externally invited.
A fix has been issued to prevent duplicate report categories in Custom Reports.
An issue with exporting reports in XLS format has been fixed.
An issue where the Alert Me email notification was incorrectly triggered when using virtual IP addresses, even when the product was operational, has been fixed.
An issue with Azure File shares addition that occurred when storage accounts and event hubs are in different resource groups has been fixed.
The initial event fetch period for Azure Risk Detection reports has now been increased to 30 days.
The 'Tenant already exists' error message encountered during Azure tenant configuration has been updated with a help document link for easier troubleshooting.
A connection timeout issue that occurred during Microsoft Entra ID (formerly Azure AD) event collection has been fixed.
In Custom Reports, an issue with filtering Group Management reports by Member Name has been fixed.
An login issue that occurred when accessing published scheduled reports via the email link when two-factor authentication is enabled has been fixed.
