Active Directory Group Membership Watcher

2 Jul

eprlogo.jpg Welcome to our new version of Enterprise Permissions Reporting. EPR will assist you to meet all challenges you may face regarding regulatory compliances such as HIPAA, FDA, PCI or SOX.  EPR can generate continuous reports for SOX/PCI audits.

One of the new features is called  Active Directory Group Membership Watcher and monitors all changes which are made against a selected Active Directory group.

EPRMW05.PNG


If someone adds or removes a member to a group then a delta report is created. So you get only the modifications. You can monitor these changes at the grafical user interface or send an automatical report to an independent manager.
A Windows service is executed as often as you want to check modifications.

In more detail I'll show you how to create a membership Watch Report Definition. Here is the trial!


You can track membership modifications through the entire forest. (No special license is needed for multiple domains or sites or number of installations).

EPRMW00.PNG

 The configuration of this Active Directory Group membership Change tracker tool is divided into 4 sections

1. General
Here you configure the name of the definition and how often the watcher should run.

 EPRMW01.PNG


2. Anaylze
Choose a group from your entire forest list. If you click "Show Current List" all members of the selected group are enumerated.

EPRMW02.PNG


3. Storage
For testing purposes you might stored the results file based. We recommend to use a database.

 EPRMW03.PNG


4. Notification
The result or a summary can be sent to the security manager or an independent quality monitoring.

 EPRMW04.PNG

That's it – take a trial and have a look . . .

Note: if you configure a membership wathc report the first time you have to make 2 changes to the group. The first change will not be reportet because it is "point zero".

Leave a Reply

Your email address will not be published. Required fields are marked *