• State Not Answered
  • Locked Locked
  • Replies 7 replies
  • Subscribers 32 subscribers
  • Views 1057 views
  • Users 0 members are here
Options
Related
This discussion has been locked. The information referenced herein may be inaccurate due to age, software updates, or external references.
You can no longer post new replies to this discussion. If you have a similar question you can start a new discussion in this forum.

SAM users - we need your help!

ccousineau

We're working on the next version of AppInsight for Active Directory, and we have some questions for you about "Trusts". Specifically,

  1. What Trust information would you want to see in AppInsight for Active Directory?
  2. If you have a large Active Directory deployment with a large # of Trust Relationships, how would you want to filter/see this information? [i.e. what type of views would you like to see this information?]
  3. What actions would you take upon seeing the Trust information?
  • 0

    Looking forward to seeing everyone's input on this! emoticons_happy.png

  • 0

    Over the course of many moons, acquisitions, and regulatory compliance efforts, our environment has grown from two forests (internal and DMZ) to six. It is now in the process of being consolidated back down to two* forests.

    *Just in time for us to begin evaluating Microsoft's relatively new references for a "Enhanced Security Administrative Environment" (ESAE), which is otherwise known as a "Red Forest." So who knows, maybe three, but don't tell anyone I work with yet. emoticons_wink.png

    Some of the important attributes about trusts may be obvious to some, but I'll list everything that comes to mind:

    • Type of trust (forest trust, domain, [external], shortcut, realm)
    • Directionality of trust (two-way, one-way, direction of trust)
    • Parameters of trust: Transitive, Forest-wide vs selective authentication
    • There are other details that might be related, but they would already be documented by AppInsight for Active Directory.

    With multiple forests and different kinds of trusts, having a good map or diagram definitely helps.

    Beyond scope: At the intersection of SAM, AppInsight, ARM, and SEIM, it would be neat to see additional insights about SID history usage and cross-forest SID translation.

  • 0 in reply to sturdyerde

    Thanks for the very complete response! emoticons_happy.png

  • 0

    What would also be cool is a map-view of the trust relationships and the forest(s).

    Something like this (I'm not the GUI designer in our Company emoticons_happy.png ) if you hover over the map the basic information will be shown.:

    Trust map example.png

  • 0

    AppInsight for ActiveDirectory should default to authenticating over port 636 with TLS/SSL, please.

  • 0

    The possibility to disable some components... a lot of customer ask us because they don't need every event logs (heavy charge on the AD).

  • 0

    Hi ccousineau​,

    If I may advise something for "large AD deployments" - please notify your enterprise customers that AppInSight for AD is not designed to cover more than 50 DCs... We've spent significant amount of troubleshooting (and actual downtime to whole solarwinds) trying to figure out that assigning it to all our 250 DCs is not going to work. Support confirmed max is 50 DCs, otherwise you suffer.

    Thanks,

    Marcin

SolarWinds solutions are rooted in our deep connection to our user base in the THWACK® online community. More than 195,000 members are here to solve problems, share technology and best practices, and directly contribute to our product development process.

SolarWinds Customer Success Center Certification Media Vault Link Accounts
About THWACK Blogs For Government Edit Settings Free Tools & Trials
Legal Documents Terms of Use Privacy California Privacy Rights Security Information
©2024 SolarWinds Worldwide, LLC. All Rights Reserved.