How can I track or audit changes made to Active Directory objects using ADManager Plus?
Objective
This article explains how to audit changes made to Active Directory (AD) objects using ADManager Plus. Auditing enables administrators to track critical actions such as user modifications, group membership changes, password resets, and account unlocks performed by help desk technicians. These insights help maintain accountability, detect unauthorized changes, and support compliance with organizational and regulatory standards.
Prerequisites
The technician must be assigned a delegated help desk role with access to the Audit Reports, located under the Delegation tab.
Respective archives must be extracted.
Steps to follow
- Navigate to Delegation > Help Desk Audit Reports > Audit Reports.
Select the help desk technicians and the time period for which you want to generate the audit report.
Click Go.
From the generated audit report, search for the desired AD object to view a detailed change history.
Tips
By default, audit reports are archived every 90 days and retained for eight years. These settings can be customized to align with your organization’s data retention policies.
Archive settings can be customized by clicking the Manage Archive button in the Audit Report window.
Regularly review audit reports to detect unauthorized or unintended changes.
Customize archive retention settings based on organizational compliance requirements.
New to ADSelfService Plus?
Related Articles
How to configure Active Directory integration with monday.com using ADManager Plus
Objective This article explains how to integrate monday.com with ManageEngine ADManager Plus to enable seamless Active Directory actions using APIs. With this setup, IT administrators can synchronize your user accounts, manage permissions, and ...Why are the Exchange attribute changes made using ADManager Plus not reflecting on the Exchange server?
Issue description After updating Exchange-related attributes using ADManager Plus, the changes are not reflecting in Exchange server immediately. This delay can cause inconsistencies and confusion when managing mailbox properties. Possible causes ...How to audit changes made to AD objects using ADManager Plus
Steps Navigate to Delegation > Help Desk Audit Reports > Audit Reports. Select the help desk technicians and the time period for which you want the audit report. Click Go. From the generated audit report, you can search for the desired object to view ...Why is my Active Directory backup failing when using ADManager Plus?
Issue description Users may encounter backup failures when using ADManager Plus, with messages like Failed: [Invalid Credential] or Failed: [DC Not Operational] appearing in the Backup Summary section. As a result, scheduled or manual backups of ...How to set the retention period for deleted objects for quick recovery using ADManager Plus
Objective Learn how to configure the retention period for deleted Active Directory objects in Quick Recovery. This setting defines how long deleted users, groups, and other objects can be restored without requiring a full backup recovery. Adjusting ...