Welcome to our new version of Enterprise Permissions Reporting. EPR will assist you to meet all challenges you may face regarding regulatory compliances such as HIPAA, FDA, PCI or SOX. EPR can generate continuous reports for SOX/PCI audits.
One of the new features is called Active Directory Group Membership Watcher and monitors all changes which are made against a selected Active Directory group.
If someone adds or removes a member to a group then a delta report is created. So you get only the modifications. You can monitor these changes at the grafical user interface or send an automatical report to an independent manager.
A Windows service is executed as often as you want to check modifications.
In more detail I'll show you how to create a membership Watch Report Definition. Here is the trial!
You can track membership modifications through the entire forest. (No special license is needed for multiple domains or sites or number of installations).
The configuration of this Active Directory Group membership Change tracker tool is divided into 4 sections
Here you configure the name of the definition and how often the watcher should run.
Choose a group from your entire forest list. If you click "Show Current List" all members of the selected group are enumerated.
For testing purposes you might stored the results file based. We recommend to use a database.
The result or a summary can be sent to the security manager or an independent quality monitoring.
That's it – take a trial and have a look . . .
Note: if you configure a membership wathc report the first time you have to make 2 changes to the group. The first change will not be reportet because it is "point zero".