Checklist for auditing systems outside of Active Directory
Here is the overall process for auditing a computer that isn't joined to Active Directory, including links to documented procedures.
Step # | Actions | Details
---|---|---
Create the audit installation | | |
1 | For the audit store that includes the collector that you will enroll to the Privileged Access Service, edit the audit store scope so that it includes the following: | |
Add the audit installation to the Admin Portal and enable auditing | | |
2 | Install a connector on a Windows computer in the Active Directory domain. Note: For now, do not install a connector on the same computer as a collector. | |
3 | In the Admin Portal, enable auditing for the audit installation. | |
4 | Verify the connector status in the Admin Portal. Note: If your deployment is across multiple Active Directory forests or you have multiple DirectAudit installations, your deployment will include multiple cloud connectors. In this kind of deployment, you should configure each non-Active Directory system to use only the cloud connectors that are in the same Active Directory forest as the desired DirectAudit installation. You can configure which connectors should be used in the system's Connector settings in the Admin Portal. | |
Configure the collector | | |
5 | On the computer where the collector is or will be, install the Centrify Client and enroll the computer in the Privileged Access Service. The collector needs to be joined to Active Directory and enrolled in the Privileged Access Service. | |
6 | Install a new collector or reconfigure an existing collector so that the collector receives audit data according to the cloud settings. | |
Configure the computer to be audited | | |
7 | In the Admin Portal, download the Centrify Client installers and get an enrollment code. | Installing and using the Centrify Client for Windows; Enrolling and managing computers using the Centrify Client for Linux
8 | In the Admin Portal, make sure that the user account you'll use to run the installer has the permissions to enroll the system. | |
9 | On the computer to be audited, make sure that its DNS settings are set so that it can contact and be contacted by the collector computer. | On the computer to be audited, make sure that its DNS settings are set so that it can contact the collector computer by its fully qualified domain name (FQDN).
10 | Install the client and enroll the computer in the Privileged Access Service. | Installing and using the Centrify Client for Windows; Enrolling and managing computers using the Centrify Client for Linux
11 | In the Admin Portal, verify the enrollment. | In the Admin Portal, go to Resources > Systems to verify the enrollment status.
12 | Install the audit client package(s): | |
13 | In Audit Manager, verify that the computer is being audited. | |
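
A preflight check for step 9, run on the computer to be audited, as an added example (not Centrify's code and not part of the original checklist): it confirms that the collector's FQDN and the local computer's own FQDN resolve to non-loopback addresses. The function names and the sample host name `collector01.corp.example.com` are assumptions, and the result reflects only the local resolver's view, so resolution of the audited computer's name still has to be confirmed from the collector.

```python
import ipaddress
import socket


def resolve_ips(name, resolver=socket.getaddrinfo):
    """Return the sorted set of IP addresses a name resolves to ([] on failure)."""
    try:
        infos = resolver(name, None)
    except (socket.gaierror, UnicodeError):
        return []
    return sorted({info[4][0] for info in infos})


def check_dns(collector_fqdn, local_fqdn, resolver=socket.getaddrinfo):
    """Check step 9 from the audited computer's side; returns a list of problems."""
    problems = []
    for role, name in (("collector", collector_fqdn), ("local", local_fqdn)):
        # A single-label name depends on DNS suffix search order, so require an FQDN.
        if "." not in name.strip("."):
            problems.append(f"{role}: '{name}' is not fully qualified")
            continue
        ips = resolve_ips(name, resolver)
        if not ips:
            problems.append(f"{role}: '{name}' does not resolve")
        # A name that maps only to loopback (common in /etc/hosts) resolves
        # locally but says nothing about what the other computer will see.
        elif all(ipaddress.ip_address(ip.split("%")[0]).is_loopback for ip in ips):
            problems.append(f"{role}: '{name}' resolves only to loopback {ips}")
    return problems


if __name__ == "__main__":
    # Constructed sample collector name; replace it with your collector's FQDN.
    results = check_dns("collector01.corp.example.com", socket.getfqdn())
    for line in results or ["DNS checks passed"]:
        print(line)
```

An empty list means both names passed; each string in a non-empty list names the role and the reason it failed.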