Active Directory Auditing

We believe that all organizations, irrespective of size, sector or budget, should be able to conduct Active Directory auditing easily. However, the native auditing methods can be both complex and time consuming; testing the patience of even the most experienced Information Technology Auditors and IT Administrators. Multiple issues, including inadequate options for long-term storage of logs, too much noise, duplicate events and the absence of predefined reports, are more than enough to justify an alternative. Our award-winning Active Directory auditing solution provides a scalable means to track configuration changes. We provide answers to the important IT auditing questions; such as “who has made what change, when and from where”, “Who was the last user to access or logoff from the domain controller” and more. We also enable you to see who received administrative privileges or which users used to be admins.

Over 5,000 Organizations Use LepideAuditor to Protect Their Businesses Against Data Breaches

How We Help to Audit Active Directory Changes

Deploying an Active Directory auditing solution, like LepideAuditor, can help you monitor, detect and alert on suspicious or unwanted Active Directory changes. Through a combination of real-time monitoring, pre-defined reports and powerful alerting capabilities, LepideAuditor enables you to get better visibility into Active Directory changes. Here are just some ways in which LepideAuditor can help your business.

  • Intuitive Dashboard Auditing is a continuous process that should be performed 24/7. With in-depth change configuration auditing, LepideAuditor offers a 360º Radar Tab, that gives you a bird’s eye view of your whole Active Directory environment. Instantly see a summary of the total number of changes per administrator, per source and even by trend to help you identify change/event anomalies. Easily see critical information about the performance of specified servers to help you identify any potential continuity or performance issues. Our LiveFeed feature enables you to see all changes being made in real time to ensure that you are constantly aware of what’s happening in your critical IT servers.
  • Granular Audit Reports We offer a single log for a single change displaying who, what, where and when the changes are made. We then provide this data to you through more than 100 relevant reports to help you address all manner of compliance, security, and IT operations challenges. Each report can be further customized with advanced filtration, searching, sorting, and other auditing functions. You can customize any one of our Active Directory audit reports to track a particular object or operation. You can select reports to be delivered on schedule by email or by saving at a shared location in CSV, MHT, and PDF file formats. The Active Directory audit reports can also be shared with other users through a secure web console. Read more
  • Alerts on Critical Changes Half the battle for IT teams is ensuring they understand when things are happening to make relevant decisions as to whether action is required. To address this, we offer two types of alerting mechanisms – one is real-time alerting, which alerts you about critical changes in real-time, and the other is threshold-based alerts, where you can define the threshold limit for every change. For example, we can send you a single alert if 10 similar changes occur in 5 minutes. This helps potentially spot suspicious behaviour or anomalies within the IT environment. The alerts are delivered as emails to selected recipients, as updates to Radar Tab to give you an overall view of the environment, and as notifications to LepideAuditor App.
  • Rollback Unwanted Changes From time to time, an unwanted or unplanned change will need to be restored to its original value. For example, a user account may have been modified in error or a Junior Administrator may have deleted an OU. Our rollback feature enables you to reverse changes made in a single click. It restores everything to exactly as it was before the change – including group memberships, attributes, permissions and more. With the option to retrieve the objects from tombstone, our proprietary technology even lets you retrieve objects which are in recycled state or physically deleted on a permanent basis. Read more
  • Meeting Compliances Demands LepideAuditor for Active Directory has dedicated predefined reports to meet the IT-related regulations for numerous compliances; including PCI, SOX, GLBA, HIPAA, FISMA and GDPR. Generate reports that show how your Active Directory environment is adhering to the selected compliance in just a few clicks. These reports can be scheduled to be delivered to selected recipients via email or by saving them at shared locations periodically. Inbuilt, predefined and customized reports allow you to meet other compliance requirements not listed here. Read more
  • Mobile AppOur mobile app is designed to work on any Apple or Android device. Whenever a critical change like object deletion, permission delegation, or revoking necessary permissions is detected, you will get real-time or threshold-based notifications on the App. This will give you a simple way to track changes being made to the Active Directory environment whilst on the go. Push-notifications for changes being made will ensure that you get the insight you need, when and where you need it. Read more

Free Whitepaper
10 Best Practices for Keeping Active Directory Secure Address key security concerns and prepare for compliance audits with this handy reference guide Download Now
What We Audit in Active Directory

Active Directory Configuration Change Auditing

LepideAuditor for Active Directory audits every aspect of Active Directory. Every change made in the Active Directory environment is monitored, recorded, and presented in minute detail. Before-and-after-values of every configuration change are provided in a readable format. The answers to the coveted W’s of auditing (Who made What change, When, and Where) are just a few clicks away.
Read more

Audit and Reverse Active Directory Permission Changes

Whenever permissions change, you need to be aware of it. Our Active Directory auditing solution keeps track of every permission change in the Active Directory, records it in its granular reports, and sends real-time or threshold-based alerts for such critical changes. It also allows you to view all permissions to an object and compare the permissions of an object between two dates. All effective permissions held by an Active Directory Object are also displayed. You can also conduct historical permission analysis between two specific time intervals. You can easily reverse the unwanted permission changes to an ideal state (that you have defined and captured earlier).

Active Directory Security Auditing

Lepide Active Directory Auditor offers you dedicated reports to help keep track of the security settings of Active Directory objects. In addition to permissions, you can also compare audit settings, and ownership of an object between intervals. You have the option to track all changes made in audit settings and object ownerships, and also view them on any particular date. Our solution lets you search for an object in the audit entries or see a list of owners of a selected object.

Active Directory Privileged Accounts Audit

LepideAuditor for Active Directory lets you track the members of administrative groups in Active Directory to give you a clear picture of the privileged users. Our solution also offers a way to track all activities of Active Directory privileged users and sends real-time or threshold-based alerts for any critical change made by a privileged user account.

Audit and Troubleshoot User Account Lockouts

In any IT environment, it is advised that you lock accounts that are inactive for a long period of time or on which suspicious activities were taking place. However, locking an Active Directory user account can impact other activities linked to that account, which could be a mess left to the IT team to clean up. LepideAuditor for Active Directory comes helps you better handle user account lockouts, by auditing the account lockouts and providing the option to unlock or reset their passwords. You can also investigate which tasks, services, or processes will be impacted because of this account lockout.

Audit Active Directory User Logon/Logoff Events

An IT Administrator must always know which user has logged on or logged off, when, and from where. Getting logon/logoff details for all users from the Event Viewer is like looking for a needle in a haystack. Lepide Active Directory Auditor simplifies this search with simple yet detailed Active Directory audit reports on user logon and logoff. With these reports, you can audit failed logon events, concurrent logon sessions, and users logged on to multiple computers. Our solution also sends real-time and threshold-based alerts for successful user logon or logoff, and domain controller logon or logoff.

Active Directory State Reports

LepideAuditor for Active Directory periodically captures backup snapshots of Active Directory objects and saves their state. You can use these snapshots to generate historical reports on the state of users, groups, computers, and organizational units (the four important objects) at any given point in time. It gives you a clear picture of exactly when any of these objects were created or modified and what it’s properties are.

What Else Lepide Active Directory Auditor Can Do For You
Active Directory Clean-Up

Save time by automating the management of inactive user and computer accounts. Move them to different OU, reset their passwords, disable them or simply delete them.

Learn more
Manage Password Expiration

Reduce the number of password-related help desk calls by sending automatic email notifications to users with soon-to-expire passwords, allowing them to reset their password on time.

Learn more
Health Check-Up

Keep an eye on the health of your Active Directory and receive real time alerts straight to your inbox for NT Directory services, DNS Servers, Disk space and much more.

Learn more

Read all reviews

Read all stories

More from Lepide

Top 5 Human Errors That Could Lead to a Data Breach

The blog explains five most cited examples of erroneous behavior that might compromise the integrity of our security posture.

Learn More ->
How CISOs Can Win Over the Board on Cybersecurity Strategy

In this whitepaper, we have put together a list of tips and tricks to help CISOs communicate effectively with the board on cybersecurity strategy.

Learn More ->
“On the Fly” Classification Introduced into LepideAuditor 19.1

The latest version of LepideAuditor introduces key new functionality to help users with data discovery, classification and user/entity behavior analytics.

Learn More ->
  • +1(0)-800-814-0578
  • |