Active Directory Auditing

Both security and compliance requirements make it necessary to audit Active Directory. We believe that all organizations, irrespective of size, sector or budget, should be able to conduct Active Directory auditing easily. However, native auditing methods are complex and time consuming; testing the patience of even the most experienced Information Technology Auditors and IT Administrators. Multiple issues, including inadequate options for long-term storage of logs, too much noise, duplicate events and the absence of predefined reports, are more than enough to justify an alternative.

Our award-winning Active Directory auditing solution provides a scalable means to track configuration changes. We provide answers to the important IT auditing questions; such as “Who has made what change, when and from where”, “Who was the last user to access or logoff from the domain controller” and more. We also enable you to see who received administrative privileges or who is not an admin now.

Get a bird’s eye view of your whole environment

Auditing is a continuous process that should be performed 24/7. With in-depth change configuration auditing, LepideAuditor offers a 360º Radar Tab, that gives you a bird’s eye view of your whole Active Directory environment. Instantly see a summary of the total number of changes per administrator, per source and even by the trend to help you identify change/event anomalies. It also shows you critical information about the performance of specified servers to help you identify any potential continuity or performance issues. Our LiveFeed feature enables you to see all changes being made as they happen to ensure that you are constantly aware of what’s happening in your critical IT servers.

Our intuitive dashboard

Granular audit reports for Active Directory changes

We offer a single log for a single change displaying who, what, where and when the changes are made. We then provide this data to you through more than 100 relevant reports to help you address all manner of compliance, security, and system management challenges. Each report can be further customized with advanced filtration, searching, sorting, and other auditing functions. You can create custom reports of any Active Directory Audit Report to track a particular object or operation. You can select reports to be delivered on schedule through email or by saving at a shared location in CSV, MHT, and PDF file formats. The Active Directory audit reports can also be shared with other users through a secure web console. Read more

An audit report generated by LepideAuditor

Alert on critical Active Directory changes

Half the battle for IT teams is ensuring they understand when things are happening to make relevant decisions as to whether the action is required. To address this, we offer two types of alerting mechanism – one is real-time alerting that alerts you about critical changes in the real-time and other is threshold-based alerts where you can define the threshold limit for every change. For example, we can send you a single alert if 10 similar changes occur in 5 minutes. It helps potentially spot suspicious behaviour or anomalies within the IT environment. The alerts are delivered as emails to recipients, as updates to Radar Tab to give you an overall view of the environment, and as notifications to LepideAuditor App.

A real time alert generated by LepideAuditor

Audit Active Directory changes on the go

Our mobile app is designed to work on any Apple or Android device. Whenever a critical change like object deletion, permission delegation, or revoking necessary permissions is detected, you will get real-time or threshold-based notifications on the App. It provides IT teams with a simple way to track changes being made to the Active Directory environment. It delivers push-notifications of changes being made straight to give IT the insight they need, when and where they need it. Read more

Our mobile application on a hand-held device

Simplifying roll back of Active Directory changes

From time to time, an unwanted or unplanned change will need to be restored to its original value. For example, a user account may have been modified in error or a Junior Administrator may have deleted an OU. Our rollback feature enables you to reverse changes made in a single click. It restores everything to exactly as it was before the change – including group memberships, attributes, permissions and more. With the option to retrieve the objects from tombstone, our proprietary technology lets you retrieve even those objects which are in recycled state or physically deleted on a permanent basis. Read more

Lepide Object Restore Wizard

Meeting Compliances in Active Directory

LepideAuditor for Active Directory has dedicated predefined reports to meet the IT-related regulations for numerous compliances; including PCI, SOX, GLBA, HIPAA, FISMA and GDPR. In just a few clicks, reports are generated that show how your Active Directory environment is adhering to the selected compliance. These reports can be scheduled to be delivered to selected recipients via email or by saving them at shared locations periodically. Inbuilt, predefined and customized reports allow you to meet other compliance requirements not listed here. Read more

Lepide Object Restore Wizard

Active Directory Configuration Change Auditing

LepideAuditor for Active Directory audits every aspect of Active Directory every change made in the Active Directory environment is monitored, recorded, and presented with minutest details. Before- and after- value of every configuration change is provided that too in a readable format. You just have to make a click to get answers to four famed Ws of IT Auditing– Who made What change, When, and Where.
Read more

Active Directory compliance reports

Our Inactive User report for Active Directory

Audit and Reverse Active Directory Permission Changes

Whenever permissions change, you need to be aware of it. Our Active Directory auditing solution keeps track of every permission change in the Active Directory, records it in its granular reports, and sends real-time or threshold based alerts for such critical changes. It also allows you to view all permissions to an object and compare the permissions of an object between two dates. All effective permissions held by an Active Directory Object are also displayed. You can also conduct historical permission analysis between two specific time intervals. Using our proprietary technology, you can reverse the unwanted permission changes to an ideal state (you have defined and captured earlier). It is the best way to maintain least privileges policy in your IT environment.

Security Auditing of Active Directory

Lepide Active Directory Auditor offers you dedicated reports to keep a check on the security settings of the Active Directory objects. In addition to permissions, you can also compare audit settings, and ownership of an object between intervals. With the option to track all changes made in audit settings and object ownerships, you can also view them on any particular date. Our solution also lets you search for an object in the audit entries in the entire Active Directory or see a list of owners of a selected object.

Our audit report displaying users with soon to expire passwords

Our audit report displaying users with soon to expire passwords

Active Directory Privilege Accounts Audit

LepideAuditor for Active Directory lets you track the members of administrative groups in Active Directory to give you a clear picture of the privileged users in the Active Directory. Our solution also offers a way to track all activities of privileged users and sends real-time or threshold-based alerts for any critical change made by a privileged user account.

Our Active Directory health check feature

Audit and Troubleshoot User Account Lockouts

In any IT environment, account lockout is used as an important mechanism to lock those accounts who are inactive for a particular period or who were performing suspicious activities. However, locking an Active Directory user account can impact other activities linked to that account. It could be a mess at the end of IT helpdesk to entertain the multiple requests of account lockout, so LepideAuditor for Active Directory comes here with its interactive feature to handle user account lockouts. It audits the account lockouts and provides the option to unlock the accounts or reset their passwords. You can also investigate which tasks, services, or processes will be impacted because of this account lockout.

Our audit report displaying users with soon to expire passwords

Audit Active Directory User Logon/Logoff Events

An IT Administrator must know which user has logged on or logged off, when, and from where. Getting logon/logoff details for all users from Event Viewer is like looking for few needles in a large haystack. Lepide Active Directory Auditor simplifies it with its to-the-point yet detailed Active Directory audit reports on user logon and logoff. With these reports, you can audit failed logon events, concurrent logon sessions, and users logged on to multiple computers. Our solution also sends real-time and threshold-based alerts for successful user logon or logoff, and domain controller logon or logoff.

Our Active Directory health check feature

Active Directory State Reports

LepideAuditor for Active Directory periodically captures the backup snapshot of Active Directory objects and save their state. You can use these snapshots to generate the historical reports to view the state of users, groups, computers, and organizational units (the four important objects) at any given point of time. It gives you a clear picture of exactly when any of these objects were created, modified, and has what properties.

What else you can do with Lepide Active Directory Auditor

Read all reviews

Read all stories

Try LepideAuditorTM

By downloading you agree to the terms in our privacy policy.
Try LepideAuditor™

Lepide® is a registered trademark of Lepide Software Private Limited. © Copyright 2018 Lepide Software Private Limited. All trademarks acknowledged.