Auditing systems outside of Active Directory

You can use gateway-based auditing for systems that are not joined to your Active Directory domain. For the non-Active Directory systems that you need to audit, you have two options:

  • (Option A) Install and enroll the Centrify Client on the systems you want to audit.

  • (Option B) Configure your non-Active Directory cloud connectors to point to your audit collectors (which are joined to Active Directory). Any systems connected to Centrify PAS by way of these cloud connectors will be audited.

For option A, the details of what you need to do are specified in Checklist for auditing systems outside of Active Directory.

For option B, follow just steps 1-6 in the Checklist for auditing systems outside of Active Directory, and then configure your non-Active Directory cloud connectors with the changes below.

To configure a non-Active Directory cloud connector to point to your Active Directory-joined audit collectors:

  • Make the following registry key changes:

    Location – HKLM\SOFTWARE\Centrify\Cloud

    Name – NGDACollectorsOverride

    Type – REG_MULTI_SZ

    Value – One or more collectors in FQDN:Port format. For example, DACOLLECTORHOST1.ACME.COM:5064.

    Note:   Port 5064 is the default value; be sure to use the same port that your audit collectors are actually listening on. You can open the Collector Control Panel on a collector to see which ports the audit collectors are using.

You can make the registry key changes from an elevated (administrator) command prompt by running a command with the following syntax. If the value already exists, reg.exe prompts before overwriting it; add /f to the command to overwrite without prompting.

reg.exe add HKLM\SOFTWARE\Centrify\Cloud /v NGDACollectorsOverride /t REG_MULTI_SZ /d <one or more collector hosts in FQDN:Port format separated by \0>

Here's an example:

reg.exe add HKLM\SOFTWARE\Centrify\Cloud /v NGDACollectorsOverride /t REG_MULTI_SZ /d DACOLLECTORHOST1.ACME.COM:5064\0DACOLLECTORHOST2.ACME.COM:5064
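The same change can be made and verified from PowerShell. The script below is an added example, not a Centrify-supplied script: it writes NGDACollectorsOverride as a REG_MULTI_SZ value (one array element per collector, so no \0 separator is needed), reads it back to confirm the type and contents, and then checks that the connector can actually open a TCP connection to each collector on the configured port, which is the failure a practitioner is most likely to hit when the collector port does not match. The collector host names are placeholders taken from the example above; replace them with your own collectors and the port shown in the Collector Control Panel. Run it in an elevated PowerShell session on the cloud connector host.

```powershell
# Added example (not Centrify's own code): configure and verify
# NGDACollectorsOverride on a non-Active Directory cloud connector.
# Requires an elevated session; Test-NetConnection needs Windows 8 / Server 2012 or later.

$RegPath   = 'HKLM:\SOFTWARE\Centrify\Cloud'
$ValueName = 'NGDACollectorsOverride'

# Placeholder collectors in FQDN:Port form; substitute your own and use the
# port your collectors are listening on (5064 is only the default).
$Collectors = @(
    'DACOLLECTORHOST1.ACME.COM:5064',
    'DACOLLECTORHOST2.ACME.COM:5064'
)

# Reject anything that is not FQDN:Port before touching the registry.
foreach ($entry in $Collectors) {
    $parts = $entry -split ':'
    if ($parts.Count -ne 2 -or
        $parts[0] -notmatch '^[A-Za-z0-9][A-Za-z0-9.-]*$' -or
        $parts[1] -notmatch '^\d+$' -or
        [int]$parts[1] -lt 1 -or [int]$parts[1] -gt 65535) {
        throw "Collector entry '$entry' is not in FQDN:Port format"
    }
}

# The Cloud key must exist before a value can be written under it.
if (-not (Test-Path $RegPath)) {
    New-Item -Path $RegPath -Force | Out-Null
}

# Record any existing value so the change can be rolled back by hand.
$existing = (Get-ItemProperty -Path $RegPath -Name $ValueName -ErrorAction SilentlyContinue).$ValueName
if ($null -ne $existing) {
    Write-Host "Previous $ValueName : $($existing -join ', ')"
}

# Write the value as REG_MULTI_SZ (MultiString). -Force overwrites an existing value.
New-ItemProperty -Path $RegPath -Name $ValueName -PropertyType MultiString `
    -Value $Collectors -Force | Out-Null

# Read back and confirm both the value type and the contents.
$key      = Get-Item -Path $RegPath
$kind     = $key.GetValueKind($ValueName)
$readBack = $key.GetValue($ValueName)
if ($kind -ne 'MultiString') {
    throw "$ValueName has type $kind; expected MultiString (REG_MULTI_SZ)"
}
if (Compare-Object -ReferenceObject $Collectors -DifferenceObject $readBack) {
    throw "Read-back of $ValueName does not match the value that was written"
}
Write-Host "$ValueName is now: $($readBack -join ', ')"

# Confirm the connector can reach each collector on its configured port.
# A failure here usually means a wrong port or a firewall between connector and collector.
foreach ($entry in $readBack) {
    $hostName, $port = $entry -split ':'
    $result = Test-NetConnection -ComputerName $hostName -Port ([int]$port) -WarningAction SilentlyContinue
    if ($result.TcpTestSucceeded) {
        Write-Host "OK    $entry"
    } else {
        Write-Warning "FAIL  $entry (no TCP connection; check the collector port and firewall rules)"
    }
}
```

The read-back step matters because a REG_MULTI_SZ written as a single string (for example by passing one joined value instead of an array, or by omitting the \0 separators with reg.exe) silently produces a REG_SZ or a single-entry list that the connector will not interpret as two collectors.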