Forum Discussion

Copper Contributor

Feb 12, 2020

Microsoft ATA - Auditing permissions Active Directory

Hello, we are testing the Microsoft ATA, but we have some points with doubts. We trying to see audit logs, who change the permissions groups, delete user and etc. Could you tell if the ATA he...

Diogo Vida

Copper Contributor

Feb 12, 2020

EliOfek, thanks for the feedback.

it wouldn't be cool to have this option to even identify who made any changes.

Thank you.

Diogo Vida

Copper Contributor

Feb 14, 2020

Hello EliOfek
For us, this type of analysis and auditing is also important across the Active Directory environment.
It´s possible report this feedback to Microsoft ATA Developers.?

Thank you.

EliOfek
Microsoft
Feb 14, 2020
Diogo Vida , You just did 🙂 I am in the ATA Engineering team.

We get this request often, the problem is that AD does not expose this info in a reasonable manner.

(Or at least we haven't figured a way just yet).
- Diogo Vida
  Copper Contributor
  Feb 20, 2020
  Hello EliOfek
  I just want confirm, sometimes audit who edit the group and other time not, Microsoft ATA planning audit activities in Active Directory environment?
  
  Thank you.
  - EliOfek
    Microsoft
    Feb 20, 2020
    Diogo Vida , Currently we only monitor group modifications for group determined automatically as sensitive, or manually tagged as sensitive by the customer.
    
    Anyway, I am not familiar with a plan to do full AD auditing at any point.
- Diogo Vida
  Copper Contributor
  Feb 17, 2020
  EliOfek ,
  Good morning, thanks for the information, just checked the tool and it is possible to change changes to groups, permissions, users (enabled / disabled)
  sounds great to see the logs/audit.!