Previous releases of ARM extended the existing access rights permission visibility into Active Directory, Exchange, and file servers by Microsoft OneDrive and Microsoft SharePoint Online and introduced the ability to collect events from Microsoft OneDrive and SharePoint Online.
With ARM 2019.4, we now add the ability to provision users in managed Azure AD domains and to assign mailboxes and licenses.
Supporting hybrid environments also means we continue to further improve ARM in all its capabilities and platforms you use. We’ve introduced improvements with ARM 2019.4 in Active Directory monitoring/alerting as well as official support for Microsoft Server 2019 editions.
What’s New in Access Rights Manager 2019.4?
- Installation and configuration: Improved installation and configuration experience for new installation and upgrade scenarios.
- Web Client - web dashboard: Use the new dashboard to get instant insight into what’s most important, or what needs to be addressed right now.
- Active Directory - group policy monitoring: ARM now monitors if a group policy change has occurred and reports the change details.
- Active Directory - alerting on user/group events: ARM now supports creation of alerts for any user/group on AD containers, making the configuration easier and covering more use cases beyond alerting on selected objects.
- Alerting - new activity: Forward alerts via Syslog to SIEMs like SolarWinds Security Event Manager or Kiwi Syslog Server.
- Azure AD/Office 365: Provision users in managed domains and assign mailboxes and licenses.
- Defect fixes and architecture improvements: As with any release, we addressed product defects and introduced architectural optimizations, laying the foundation for coming features we plan to make available in the next releases.
The SolarWinds product team is excited to make these features available to you. We hope you enjoy them. Of course, please be sure to create new feature requests for any additional functionality you would like to see with ARM.
To help get you going quickly with this new version, below is a quick walkthrough of the new monitoring capabilities for Microsoft Active Directory, also available in the ARM Audit edition.
Identify CHANGES to GROUP POLICIES
Group policies are an important tool for managing Active Directory environments, and administrators should be aware if these have changed.
Now let’s look at how we can use Active Directory monitoring to answer the question, “What group policy has changed, and what are the change details?” ARM allows you to find this information via the Logbook in the thick client.
1. Navigate to the Logbook view in the ARM thick client by clicking on “Logbook” in the navigation bar.
The “Logbook” opens.
2. Select the time period to be viewed by clicking the highlighted “from” date.
3. Select the new date by clicking on the date in the date picker.
4. Click “Apply.”
5. Click the cell in the “Group Policy Changes” column of the date you’re interested in.
6. In the upper window on the right side, you’ll see all group policy change events and who has changed these when on the selected date. The lower window holds the details of each event. In our case, we have the “Maximum system log size” changed from “60096 kilobytes” to “60160 kilobytes” and the “Prevent local guests group from accessing application log” changed from “Not configured” to “Disabled.”
You can also get this information as report via the “AD Logga” report, which can be scheduled to be sent periodically to your mailbox, helping you stay on top what’s happening with group policy changes in your Environment.
I hope this quick summary gives you a good understanding of some of the new features in ARM and how you can use ARM to get better visibility and control over your hybrid IT Environment.