Ask the Community
Groups
Configure Active Directory Monitor and Sync - Connect IT Community | Kaseya
<main> <article class="userContent"> <h2 data-id="breach-secure-now-s-active-directory-monitor-and-sync-app">Breach Secure Now's Active Directory Monitor and Sync app</h2> <h3 data-id="overview">Overview</h3> <p>The Active Directory Monitor and Sync app from <em>Breach Secure Now</em> provides visibility into changes made to Microsoft Active Directory user accounts in an on-premise Active Directory installation.</p> <p>To monitor for changes to Azure AD accounts, please use the <strong>Office 365 Log Monitor</strong> app.</p> <p>Not only will this app report in the RocketCyber Console any changes which are made, it can also sync the changes to Breach Secure Now.</p> <h3 data-id="configuration">Configuration</h3> <ol><li>Go to the App Store and enable the Active Directory Monitor and Sync app.</li> </ol><figure><img src="https://us.v-cdn.net/6032361/uploads/migrated/RPOEGEQ614VV/screen-shot-2020-02-06-at-4-04-46-pm.png" alt="screen-shot-2020-02-06-at-4-04-46-pm.png" class="embedImage-img importedEmbed-img"></img></figure><p> 2. Switch context to the specific customer that you want to configure. From the top right context switch menu, click the down arrow, then click on the desired customer.</p> <figure><img src="https://us.v-cdn.net/6032361/uploads/migrated/5DKVR364P5WD/screen-shot-2020-02-06-at-4-07-03-pm.png" alt="screen-shot-2020-02-06-at-4-07-03-pm.png" class="embedImage-img importedEmbed-img"></img></figure><p> 3. From the Dashboard, click on the <strong>Configure</strong> button in the lower right corner of the app card.</p> <figure><img src="https://us.v-cdn.net/6032361/uploads/migrated/ZI0O12WIG68G/screen-shot-2020-02-06-at-5-28-42-pm.png" alt="screen-shot-2020-02-06-at-5-28-42-pm.png" class="embedImage-img importedEmbed-img"></img></figure><ol><li> <ol><li>From the <strong>Monitoring Device</strong> dropdown, choose the device that you want to run the app on. Note this app will only run on the specified device.</li> <li>In the Client ID field, enter your Breach Secure Now Client ID. If you are a Breach Secure Now Client and need to obtain a client id, contact <a rel="nofollow" href="mailto:operations@breachsecurenow.com">operations@breachsecurenow.com</a>. If you aren't a Breach Secure Now client, you can leave it blank to monitor any changes to Active Directory without forwarding the results to Breach Secure Now.</li> <li>When finished click <strong>Create</strong> to save the configuration.</li> </ol></li> </ol><h3 data-id="how-it-works">How it works</h3> <p>The app will be run on the specified target machine. Periodically, based on the value specified in the <strong>Sync Interval</strong> configuration, it will check for changes to active directory users.</p> <p>When the app starts for the first time, you should expect to see a complete inventory of active directory user accounts in the app results for this app. From that point forward it will only report changes made to user accounts since the last time it ran.</p> <h3 data-id="reset-button">Reset Button</h3> <p>The app maintains a local cache record of account activity. In the event you find these needs to be reset, you can click the <strong>Reset</strong> button on the Active Directory Monitor and Sync app card. This will send a message to the device running this app to clear the cache and rescan Active Directory for user accounts.</p> </article> </main>