![]() ![]() ![]() |
Domain Settings
Reports
1. When I start ADAudit Plus, none of my domains are discovered. It says "No Domain Configuration available". Why?
ADAudit Plus, upon starting, discovers the domains from the DNS Server associated with the machine running the product. If no domain details are available in the DNS Server, it shows this message.
2. When I add my domains manually, the Domain Controllers are not resolved. Why?
When the DNS associated with the machine running ADAudit Plus do not contain the necessary information. You need to add the Domain Controllers manually.
3. When I add the Domain Controller, I get an error as "The Servers are not operational". What does it mean?
This error could be due to any of the following reasons:
4. When I add the Domain Controller, I get an error as "Unable to get domain DNS / FLAT name". What does it mean?
This error could be due to any of the following reasons:
5. The status column in the domain settings says that the user do not have Admin Privilege?
This is a warning message to indicate that the specified user do not have administrator privileges i.e, the user is not a member of Domain Admins Group. Hence permissions applicable to Administrator may not be available to this user.
6. What is "File Creation Audit Scheduler"?
Folders/Files newly created are tracked by ADAudit Plus through a periodic scheduler - "File Creation Audit Scheduler". The File Creation Audit Scheduler of ADAudit Plus creates a snapshot of all Folders/Files available in the configured shares during every run.
Details like who created a file, when and from where are deciphered by comparing the time-stamped event log data and the snapshot available.
7. Eventhough I click on the "Run Now" and collect event logs, reports show "No Data Available" and the Domain Settings page read,
Why?
The "Last Event Read Time" in ADAudit Plus is the last time that ADAudit Plus has contacted the security log of event viewer and fetched newly logged audit data. i.e) The Last Event Read Time changes only if there is fresh and relevant data complying to the audit policy available in the security logs of corresponding computers.
Reports
Possible reasons:
Troubleshooting steps:
1. Event collection is yet to happen or needs to be initiated.
ADAudit Plus has a default "Event Fetch Interval" for it to collect event log data from configured Domain Controllers . This is used for the collection of event logs periodically.
You can manually initiate this event log collection by clicking on the "Domain Settings" link, at the top right corner of the web console and click on "Run Now" link found adjacent to each Domain Controller. This will initiate event fetch from the configured Domain controller, now check for data in reports.
2. Audit Policy for corresponding domain/servers are not configured properly.
- Ensure Audit Policy is properly configured for,
- Sample "Advanced Audit Policy Settings" command prompt after running "auditpol /get /category:*".
The highlighted audit policy settings are needed for ADAudit Plus to monitor properly.
3. Proper / Privileged user credentials were not provided in ADAudit Plus settings.
Proper privileged user credentials are needed for ADAudit Plus to collect event log data from configured Domain Controllers. Steps to provide right user credentials.
4. Your Domain Controller Security Event log settings and ADAudit Plus event Fetch Interval.
If the "Security Event Log size" is set to a smaller value, "Event Fetch interval" of ADAudit Plus remains at the default 2 hrs and "Overwrite events as needed" was enabled on your "Domain Controller Event log settings" there is a higher probability of event log data getting lost.
To overcome this :
Ensure that the size of the Domain
controller "Security" event log is large enough. (You may
set the value of Security event log to
at-least a default
value of 128 MB. )
Security Log Size and Retention Settings.
2. For Advanced GPO Reports, GPMC should be
installed.
Installing GPMC in Windows Server 2003
Group Policy Management Console (GPMC) is needed in the computer where ADAudit Plus is installed for successfull "Advanced GPO Reports" generation. Please visit this page for download details of GPMC. Also visit the "Known Issues and Limitations" page for further details on this.
Installing GPMC using Server Manager (Windows Server 2008 & 2008 R2)
Installing GPMC from the Command Line
3. The old and new values are not displayed in the 2003 Servers?
![]() ![]() ![]() |