Feb 12 2020
08:43 AM
- last edited on
Nov 30 2021
10:03 AM
by
TechCommunityAP
Feb 12 2020
08:43 AM
- last edited on
Nov 30 2021
10:03 AM
by
TechCommunityAP
Hello, we are testing the Microsoft ATA, but we have some points with doubts.
We trying to see audit logs, who change the permissions groups, delete user and etc.
Could you tell if the ATA help with this monitoring.?
Thank you
Feb 12 2020 12:06 PM
@Diogo Vida No, ATA has visibility only on the change in AD, but not who did it.
Feb 12 2020 12:10 PM
@Eli Ofek, thanks for the feedback.
it wouldn't be cool to have this option to even identify who made any changes.
Thank you.
Feb 14 2020 03:30 AM
Feb 14 2020 03:31 AM
Hello @Eli Ofek
For us, this type of analysis and auditing is also important across the Active Directory environment.
It´s possible report this feedback to Microsoft ATA Developers.?
Thank you.
Feb 14 2020 11:25 AM
@Diogo Vida , You just did :) I am in the ATA Engineering team.
We get this request often, the problem is that AD does not expose this info in a reasonable manner.
(Or at least we haven't figured a way just yet).
Feb 17 2020 02:42 AM
Good morning, thanks for the information, just checked the tool and it is possible to change changes to groups, permissions, users (enabled / disabled)
sounds great to see the logs/audit.!
Feb 20 2020 03:29 AM
Hello @Eli Ofek
I just want confirm, sometimes audit who edit the group and other time not, Microsoft ATA planning audit activities in Active Directory environment?
Thank you.
Feb 20 2020 12:57 PM
@Diogo Vida , Currently we only monitor group modifications for group determined automatically as sensitive, or manually tagged as sensitive by the customer.
Anyway, I am not familiar with a plan to do full AD auditing at any point.