Auditing Active Directory Changes
CPTRAX for Windows
Learn More
CPTRAX for Windows provides tools for Real-Time monitoring, alerting and auditing abilities for Active Directory. Now you can audit your Active Directory without defining SACLs and without having to deal with Windows event logs.
How is CPTRAX for Windows different than other Active Directory Auditing tools you may be using or have tested?
- Does not require or rely on SACLs to be defined
- Does not use or depend upon Windows Event logs
- Is not a snapshot tool that only notices after changes are made and adds scanning overhead
- No changes to any Windows security policies or security configurations
- Runs natively, receiving all changes to Active Directory in real time
- Provides true "where" Active Directory changes originated by revealing the source IP and not merely the server/DC that processed the request
- Reveals previous and new values for attribute modifications
- Works with all versions of Windows, from 2000 to 2012, all 32bit and 64bit versions included
- Tracks what is important to you, by object class, by attribute, by specific objects
- Includes real time alert console that runs on your desktop and tracks all alerts you define
- Securely stores all records in encrypted log files, not in an open database that can be modified
- Optionally send all activity records to an existing Microsoft SQL Server.
Your job just got easier because CPTRAX for Windows provides complete visibility of who is modifying your Active Directory and exactly what is being done.
Active Directory Auditing Features Included with CPTRAX for Windows
With CPTRAX for Windows you will receive the following Active Directory audit abilities:
- Activity Directory Auditing by Object Class:
- Create
- Delete
- Modify
- Scope object class to only those required
- Active Directory Auditing by Attribute
- Add Value
- Remove Value
- Modify Value, includes before and after values
- Associated attribute modification
- Example: Adding a user to a group's membership will show the user being added and will also show the group's membership changing
- Example: Setting a user's manager attribute will show the user's new manager and will also show the manager object as having a new managed user
- Active Directory Auditing by specific object
- Tracks all requested changes to selected object(s)
- Tracks specific object or by wildcard including path
- Scope changes tracked by selected attributes
- Active Directory Schema Change Auditing
- Track changes to Active Directory Schema
- Reveals new object classes created
- Reveals new attribute definitions created
- Active Directory Tracking, who, where, when, all items tracked include:
- Originating IP Address (not the DC where action was processed!)
- Name of DC processing request
- Originating Workstation Name
- Originator LDAP Account Name
- Originator SAM Account Name
- Originator SID
- Receive real-time alerts via email
- Receive real-time alerts via desktop popup (using our Alert Agent)
- Interoperability across unrelated Domains, Active Directory Forests and stand-alone servers/workstations
- Scalable Administration interface that enables functionality on a small network to one with thousands of servers
- Unattended and Scheduled Reporting
- Does not use or require any third party applications (SQL, .Net, Event Logs and so on).
- Automatic purging of old activity log files
- Encrypted activity log files
- While SQL is not required, we do offer the option of sending all activity records to an existing Microsoft SQL Server.
