Quantcast
Channel: Support Portal
Viewing all 484 articles
Browse latest View live

Re : Custom Reports Filtering Problem

February 17, 2017, 3:11 pm
Search

Re : Custom Reports Filtering Problem

February 17, 2017, 3:23 pm
$
0
0
Hi, as previously indicated, we are running Version 5.0.0 Build 5021 with SQL back end.  We will try to arrange a time for a support session sometime within the next 10 days,  Thanks!

ADAudit Logs

February 23, 2017, 6:35 am
$
0
0
Hi all,

I am looking at this software for the first time (trial version) and like it so far but I have a query that I am hoping I can get some help with. I see that all events are recorded such as changes to AD Groups, password changes, etc and I was wondering if this Audit tool keeps a log file anywhere? We did not enable logging in our infrastructure because we did not want massive log files appearing. Does ADAudit Plus keep a log of everything it records and if so, where is this kept and is there a risk of the log file growing to large sizes?

File Server Auditing - problem with #

February 24, 2017, 1:00 am
$
0
0
Can anybody confirm that File Server auditing in ADAuditPlus has a problem with a folder named:

# Organisation

When we analyze a folder for the report "successfully file read access" we can't get any informations about that folder. We suppose, if a folder named      # Organisation      is inside a folder structure FileAudit has problem to log changes in this folder.

Thanks in advance
Patrik

Re : ADAudit Logs

February 27, 2017, 1:25 am
$
0
0
Hi. Can anybody help with the above query?

Re : ADAudit Logs

February 27, 2017, 1:45 am
$
0
0
Hi Hugh,

Apologies for the delay in reply,

ADAudit Plus is dependent on native AD auditing and while setting up the needed policies will be configured with user consent.

The software is bundled with a PostgreSQL database that holds all audit data. ADAudit Plus also has an "Archive Events" feature that archives audit data periodically.  Please follow the steps to configure the same,

1. Log on to ADAudit Plus
2. Click on the "Admin" tab
3. Click "Archive Events"
4. Fill in the necessary number of days, category-wise.  

This will clear the processed audit data from database and archive[zip files] it.  The archive location is also configurable.
We did not enable logging in our infrastructure because we did not want massive log files appearing
Windows Event Viewer has an "Overwrite events as needed"[which is the default setting] feature that helps in preventing large log files. Please verify this setting in the computers that you have configured in ADAudit Plus to prevent large file growth.



Please let us know for any further questions, I would be glad to assist.

Regards,
Bala

Re : File Server Auditing - problem with #

February 27, 2017, 2:27 am
$
0
0
Hi,

Apologies for the delay in reply,

We tried to reproduce the problem in our test lab with version 5021[On the website] but it was working properly, please find the screenshot of the test,



Please let us know your convenient time and contact details to troubleshoot this over a remote desktop connection.

Regards,
Bala

Login vs Logoff time

February 23, 2017, 6:42 am
$
0
0
Hi,

we have the possibility to find logon time for users but in certain situations we also need the log off time.
Is there anyway to get this - if so, how?


Thanks.


Best Regards,
Jesper Breum
Search

ADAudit Plus initial installation: Accumulated more than 3678427 critical alerts that mean nothing

February 23, 2017, 7:19 am
$
0
0
After my initial installation, ADAudit Plus has been running a week. Having accumulated all these meaningless alerts, I'd love to simply delete them all.

I can't sit here for the next month deleting 100 at a time. There must be a way to purge these in one swipe. . . right?

Thanks for your comment(s) ahead of time. . . 

Steven - - - -

Keeping an eye on the network … ôô¬

Re : Login vs Logoff time

February 28, 2017, 3:46 pm
$
0
0
Jesper,

Using ADAudit Plus, we can also generate report on user logoff if we have all workstations configured in the tool to collect local logon & logoff events. Please follow the procedure given below,

1. Go to 'Configuration' tab
2. Click on 'Workstations' under 'Configured Servers'
3. Add workstations for auditing 
4. Please ensure those workstations are enabled with necessary audit policies as per below link,


P.S. Workstations add-on subscription is required to perform the above configuration in ADAudit Plus 

Regards,
Bruce,
ADAudit Plus Team

Re : ADAudit Plus initial installation: Accumulated more than 3678427 critical alerts that mean nothing

February 28, 2017, 3:51 pm
$
0
0
We can 'clear the alerts' that are older than 'a day' using an option in the tool. 

1. Go to Admin tab
2. Click on 'Alerts/Reports under 'Configuration' 
3. Enter '1' day to schedule the delete operation for alerts that are older than a day. 

This will delete the alerts when a daily scheduler runs at 2 AM.

Regards,
Bruce
ADAudit Plus Team

Re : Database growing while archiving function is enabled

February 28, 2017, 3:57 pm

Re : ADAudit Logs

March 1, 2017, 5:49 am
$
0
0
Thank you for the reply - is there a full user guide available so that I can learn how to use this ADAudit Plus?

Top User Logon Failures

March 1, 2017, 5:56 am
$
0
0
Hi there,

I am doing some testing using the ADAudit Plus tool and just working out how to use it generally and I noticed that on the home screen dashboard it is reporting 'Top User Logon Failures' and some of the users have logon failures rising into the thousands in the space of two days!! Surely this can't be correct? Is there anywhere in this tool that allows me to drill down to see why one user has 5.92k login failures in two days (see below picture)?


Re : File Server Auditing - problem with #

March 3, 2017, 5:00 am
$
0
0
Thank you!
We will check this with the support team.
Regards
Search

Re : Top User Logon Failures

March 7, 2017, 1:11 am
$
0
0
Hi,

Could anybody advise on the above query?

Re : Top User Logon Failures

March 7, 2017, 1:49 am
$
0
0
Hi Hugh,

Sorry about the delay,

ADAudit Plus collects all authentication events that happens in the domain, the following are some scenarios that can cause abnormal events,
  1. Applications using cached credentials that are stale
  2. Stale service account passwords cached by Service Control Manager(SCM)
  3. Stale logon credentials cached by stored usernames/passwords in Control Panel.
  4. Scheduled tasks and persistent drive mappings that have stale credentials.
  5. Failure of AD replications between Domain Controllers.
  6. Stored stale credential to access a file.
The authentication events(Account Logon) will not have more information unless we analyze the local logon events(Logon Events) from the corresponding computers.

To investigate further please check for the "Client Host Name" details against these events. This is the source computer that is generating these abnormal logon events.

On these computers, you need to look for the origin of these events in the above-mentioned scenarios - Services, Schedule tasks, Drive Mappings, Cached Credentials, Logon Sessions etc.,  

If you want to troubleshoot this over a remote desktop, please let us know your convenient time and send us an email to "support@adauditplus.com

Please let us know for any further help, I would be glad to assist.

Re : Database growing while archiving function is enabled

March 7, 2017, 2:33 am
$
0
0
same problem here :(

My database size is 107Go, and my archive folder only 5go.

Newest archive file was from august 2016....

Can I have some help ?

Re : Database growing while archiving function is enabled

March 9, 2017, 1:39 am
$
0
0
Ok working know, thanks to the support

For information...The service user need to have directly NTFS rights on the archive folder.
My adauditplus service user is admin of the server, but it was not working.
as soon as we add it with full control to the folder, it's working

Re : Database growing while archiving function is enabled

March 13, 2017, 12:13 pm
$
0
0
Dear Benoit,

Thank you for you update.


Regards,

ADAudit Plus Team.
Viewing all 484 articles
Browse latest View live
Search