All configuration changes must be recorded; multiple reports have to be produced and unwanted changes have to be restored. Such tasks are often pushed down the list as they can be seen as being unimportant; however, they are vital in helping secure the IT environment and meeting regulatory compliances. Native Methods of performing these tasks are both time-consuming and difficult. The same cannot be said for LepideAuditor. Our solution offers IT Administrators an easier way to perform user management tasks across multiple instances of server components.
Checking logon/logoff events will help administrators understand when unauthorized activity is taking place in critical servers. The Event Viewer can be difficult to gain meaning from, as it generates multiple logs for a single action (such as a user logon). Relying on this method is therefore too time consuming to be valuable. LepideAuditor has numerous reports dedicated to monitoring logon and logoff events. You can see when a user has logged on for the very first time, which computer they logged onto and when that user has last logged off. It lets you keep track of users logged on multiple computers at the same time and failed login attempts. You can also check failed logins on SQL Server.
Unauthorized permission changes can lead to administrative privileges being awarded to users that don’t require them. If this goes undetected in your systems, it is only a matter of time before you experience data leakage due to privilege abuse. Relying on the Event Viewer can take up to half an hour to track a single permission change due to the noise it generates. LepideAuditor continuously audits permission changes in real-time and allows you to define threshold-based alerts. Our solution lets you compare the permissions of an Active Directory object between two intervals and view all permissions to an object at any point in time. You can perform Historical Permission Analysis of File Server, Active Directory and Exchange Server. You can also view Current Permission Reports to analyze the currently effective permissions of users on all shared folders.
Most unwanted changes in the configuration of Active Directory and Group Policy Objects, especially in user accounts, can be a threat to IT security and therefore need to be reversed as soon as possible. Native methods for doing this in Active Directory are complex and only allow for the restoration of deleted objects when the object (user) is in a “Tombstone” or “Logically deleted” state. You cannot restore changes made in the state of objects (users); for example, you cannot undo a rename, properties modification or permission change. LepideAuditor captures backup snapshots of the state of Active Directory Objects and Group Policy Objects either manually or at periodic intervals. The Lepide Object Restore Wizard then allows you to restore users to their previous states in a matter of clicks. You can also restore a deleted user, along with their password, even when it is in neither a “Tombstone” nor “logically deleted” state.
Password policies, including the one for password expiration, are applied to strengthen the IT security of an organization. By default, Windows Operating System provides basic notifications of expiring passwords, but these are easily missed. There may also be users who don’t login directly via computers in the network, instead they access their accounts through Exchange or other services. If their password is expired, they cannot access their accounts at all. LepideAuditor sends password notifications periodically by email. LepideAuditor also provides dedicated audit reports of users with passwords soon to expire, already expired or never expiring.
Inactive user and computer accounts can be dangerous, as they can be leveraged to provide unauthorized access to critical systems. The complex techniques involved in native auditing makes it difficult for the IT team to regularly find and remove these obsolete accounts. LepideAuditor scans the Active Directory continuously and highlights inactive user and computer accounts. It also lets you automate actions to handle them such as changing its password, disabling the account, moving it to a separate Organizational Unit or removing such an account. You can decide these four levels of actions with specified number of days of inactivity. It also provides you predefined reports to track never logged on users, never used computers, and real last logon of users.
Real-time information regarding disabled, locked or removed user accounts enable the IT team to address issues before they are raised to the IT Helpdesk. LepideAuditor provides a report displaying all changes in the status of user accounts. Selected recipients can be notified of these changes by email and through push notifications to the LepideAuditor App (for Android and Apple devices).
Not all password changes are going to be innocuous. Administrators have to be able to determine reason for a password reset, especially if the password was not yet due to expire. Because of the complexities of the Event Viewer, this critical task is often ignored. LepideAuditor provides a dedicated report to show all attempts made to change or reset passwords.
Account lockouts are one of the most common tickets raised with the IT helpdesk, and resolving these issues can consume valuable time that could be better devoted elsewhere. LepideAuditor gives IT Teams real-time alerts for user account lockouts and equips you with an “Account Lockout Report”, which unlocks the accounts quickly. You can also reset the password of a locked account and investigate the reasons that led to it being locked in the first place.
Auditing user activities, including changes and accesses, in the IT environment is a mandatory requirement in any organization due to both security concerns and compliance mandates. LepideAuditor overcomes the drawbacks of native auditing by providing a simplified way to audit user activities through a single console for multiple instances of different server components. It shows all changes and access attempts in numerous predefined reports. You can keep track of attempts made to access, modify or delete data/mailboxes.
Providing self-service options to users reduces the number of calls to an IT Helpdesk. However, doing so is not feasible with native methods. Lepide Active Directory Self Service lets you delegate certain actions to Active Directory users. They can unlock their accounts, reset their passwords when expired and update their user information stored in Active Directory. You can also let users delegate the rights to unlock their accounts or reset their passwords to other users.
Lepide® is a registered trademark of Lepide Software Private Limited. © Copyright 2017 Lepide Software Private Limited. All trademarks acknowledged.