The ADMonitor Viewer application offers an additional method to view AD changes without requiring the web reports. The ADMonitor Viewer directly accesses the local AD cache and lets users view all AD changes that occurred since ADMonitor was installed. Note that the Viewer does not show the following:
•Changes made to Group Policies (requires web reports)
•List of objects like users and/or groups (requires ADMonitor Reporting or web reports)
Results can also be printed and exported in HTML and CSV format.
Connecting
The Viewer can either connect to the local ADMonitor cache (default) or to a remote archive if data file management has been enabled. Accessing a remote archive requires that the EventSentryADMonitorDB$ is available and that the currently logged on user is part of the Domain Admins group.
Searching
After a connection has been established the search dialog allows the user to specify which change events to display. By default, all object changes from the last 24 hours from all domains are returned. Commonly used search criteria can be saved as a template. Searches can be restricted by:
•Change Type
•Object Name
•Object Class
•User who performed change
•Domain
Advanced searches evaluating the attributes of an object are available as well.
Sorting / Grouping Results
Search results are sorted by their timestamp by default, but a custom sort order can be applied by dragging one of the available columns into the dark gray header area. Search/group conditions can be removed by dragging the field outside of the gray header.
Interpreting Results
Search results are shown in the main Viewer dialog which is divided into the three sections:
•Object Changes
•Attribute Change Events
•Object Details
Additionally, the Attribute Advisor window (can be toggled) can show a description and details when an attribute is selected.
Object Changes (1)
Shows a list of objects that were changed during the selected search period including the change type, object DN, name, class and timestamps.
Attribute Change Events (2)
All attributes that were modified as part of an object change are shown in this pane since object changes usually consist of one or more attribute changes. Attribute changes include the attribute name and change type, current & previous values including version numbers as well as timestamps. If the attribute advisor dialog is visible then a description of an attribute will be shown when available.
Object Details (3)
Shows all attributes associated with the selected object, such as objectClass, displayName, name and others.
