Active Directory is essential in organization but auditing is very essential to maintain AD health and security compliance.
The audit script is written to extract data with AD attributes as well as custom attributes (requires custom coding) such as Last Logon Days. All the dates are formatted with Timezone offset.
The script will output the result in csv file and you can analyze using spreadsheet software.
Active Directory Attributes:
Active Directory attributes included are:
adspath, displayname, sAMAccountName, givenName, SN, whenCreated, whenChanged, pwdLastSet, lastLogon, department, description, ipPhone, telephoneNumber, mail
Custom Attributes (requires coding) are:
LastLogonDays, LastPasswordSetDays. DC_Path, OU_Path
- Download Audit Scripts and Unzip
Copy Audit Scripts into Server that can connect to ActiveDirectory
Execute Audit script with ActiveDirectory Administrator account
Edit Audit Script YLNotes__AD_Audit_GetAdUsers.cmd
Under Configuration Input Section, enter LDAP Path
Execute Audit Script YLNotes__AD_Audit_GetAdUsers.cmd
The Audit Report is stored in AuditReports folder in csv file format
Open csv file using Excel