Results 1 to 6 of 6

Thread: Active Directory user/client activity logging?

  1. #1
    SCSI Dude Faust's Avatar
    Join Date
    Apr 2000
    Location
    Huntington Beach, CA
    Posts
    8,708

    Active Directory user/client activity logging?

    For the sake of brevity...

    One of our engineers will be working remotely for the next year. We've set him up with a good means to do so, but would like to have the ability to audit his user account's and, if possible, "his" host machine's (in our local network) activity. It's not a "do we trust him" issue (we do). It's just a nod to proper security practice as we have opened up a potential vulnerability.

    As a quick back story, our offices' IT services are outsourced (business < 50 emplyees). I handle the fringe systems/networking (product testing lab, shop floor, etc.) which are outside the domain. And by that I mean my job involves a metric ton of non-IT responsibilities. Hence my cry for help

    AD is not alien to me by any stretch, but I also don't pretend to be an expert.

    Any guidance would be most appreciated.
    "Today is a black day in the history of mankind."

    - Leo Szilard

  2. #2
    Moderator YeOldeStonecat's Avatar
    Join Date
    Jan 2001
    Location
    Somewhere along the shoreline in New England
    Posts
    50,876
    How will they be logging in?
    MORNING WOOD Lumber Company
    Guinness for Strength!!!

  3. #3
    SCSI Dude Faust's Avatar
    Join Date
    Apr 2000
    Location
    Huntington Beach, CA
    Posts
    8,708
    Ideally HP RGS, with LogMeIn as a backup so they'll be using their regular credentials.
    "Today is a black day in the history of mankind."

    - Leo Szilard

  4. #4
    SCSI Dude Faust's Avatar
    Join Date
    Apr 2000
    Location
    Huntington Beach, CA
    Posts
    8,708
    As a refinement of my original question... I suppose it's just more auditing of AD activity (file/folder access on the server) by a user. He doesn't have priviledges to create or delete accounts or anything. We' just like some traceability. No need for Untangle or Snort type network monitoring.
    "Today is a black day in the history of mankind."

    - Leo Szilard

  5. #5
    Moderator YeOldeStonecat's Avatar
    Join Date
    Jan 2001
    Location
    Somewhere along the shoreline in New England
    Posts
    50,876
    Sounds like the basic logs in event viewer, look for "log on" events. May be enough for you. Haven't had the need to find 3rd party tools to track that further.
    MORNING WOOD Lumber Company
    Guinness for Strength!!!

  6. #6
    Junior Member
    Join Date
    Dec 2012
    Posts
    1
    If you don’t need any filtering or reporting, you should be able to use the native audit logs to do this—you’ll just have to make sure that you keep your eye on the logs. If you need to be alerted of specific changes, I’d recommend some third-party tools because native auditing doesn’t provide it. My IT department uses the freeware versions of NetWrix Active Directory Change Reporter and NetWrix File Sever Change Reporter (the tools send reports that highlight all changes, deletions and additions to AD and file servers), and I think they’ll be useful in your case. Quest and ScriptLogic also offer some excellent tools.

Similar Threads

  1. OSX and Active Directory
    By Blisster in forum Networking Forum
    Replies: 15
    Last Post: 11-20-06, 08:33 AM
  2. ? About Active Directory
    By Prey521 in forum Software Forum
    Replies: 4
    Last Post: 04-27-04, 03:06 PM
  3. Active Directory
    By gentlebenus in forum Networking Forum
    Replies: 0
    Last Post: 02-25-04, 09:39 PM
  4. Active directory help needed
    By Sid in forum Networking Forum
    Replies: 2
    Last Post: 08-05-02, 08:31 PM
  5. Active directory not listed in XP
    By Sid in forum Software Forum
    Replies: 2
    Last Post: 08-05-02, 01:39 PM

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •