This article explains how to audit changes made to Active Directory (AD) objects using ADManager Plus. Auditing enables administrators to track critical actions such as user modifications, group membership changes, password resets, and account unlocks performed by help desk technicians. These insights help maintain accountability, detect unauthorized changes, and support compliance with organizational and regulatory standards.
The technician must be assigned a delegated help desk role with access to the Audit Reports, located under the Delegation tab.
Respective archives must be extracted.
Select the help desk technicians and the time period for which you want to generate the audit report.
Click Go.
From the generated audit report, search for the desired AD object to view a detailed change history.
By default, audit reports are archived every 90 days and retained for eight years. These settings can be customized to align with your organization’s data retention policies.
Archive settings can be customized by clicking the Manage Archive button in the Audit Report window.
Regularly review audit reports to detect unauthorized or unintended changes.
Customize archive retention settings based on organizational compliance requirements.