Active Directory Audit & Monitoring

Active Directory is the heart and soul of every Microsoft-based information system, but it’s not always treated as such. Years of service might leave unused accounts and wrong group memberships behind, while unnoticed configuration such as “password never expires” can expose your company to security issues. Adam gives you back control over Active Directory accounts and their configuration with an easy to use interface that will get you going in no time.

Adam features are:

  • Reporting on AD users, computers and groups
  • Compare changes between point in time runs
  • Test account properties against security rules
  • Allows for custom rules creation
  • Trending for rule violation over time
  • …. and more

What is Adam

Adam is a web based application that gets information from Active Directory and stores it into a SQL server database.

It enables sysadmins to easily spot errors and misconfiguration in user and computer accounts, compare changes over time, and test account properties against security and business rules to identify violations. Results can be browsed in the Adam gui or exported and saved for further review.

Use Cases

Adam can be useful for people managing Active Directory.

It enables to:

  • Have a clear understanding of account properties
  • Prepare and present audit reports
  • Identify changes in account properties and group membership over time
  • Test user and computer accounts against built-in and custom rules for business and security compliance

Audit Features

Adam retrieves information on domain accounts and group membership from Active Directory, and stores it in a relational database. Data can be presented online, and built-in reports are available to export both current data and comparison with a point in time to see what has changed between runs.

Example of reports are:

  • Administrative users
  • Obsolete users and computers
  • Users with passwords not expiring
  • Added or removed users and computers
  • Group membership changes

Monitoring Features

User and computer account properties can be tested against security and business rules to check for violation. Adam comes with a built-in set of rules that can be extended with custom rules.

Examples of built-in rules are:

  • Password never expires
  • Last logon over 180 days
  • Password not required
  • Account is locked
  • Password with reversible encryption

Scan results are saved in the database, they generate trending charts to monitor rule violations over time.

System Requirements

Compatibile with Windows 10 and Windows Server 2008 and above. The required .Net Framework and SQL Express will be installed automatically on demand.