Active Directory Identity Scans

File Reporter 24.1 performs an extended collection of identities (security principals) in your Active Directory forest. The extended data collected with this process is available for use with Custom Query reports, direct review via the Identities page, or for use with other customer-defined processes that query the database directly.

Overview

Scope

Active Directory Identity Scan service scans for all identities across all domains in the associated Active Directory forest. Identities are classified as any object in Active Directory that has a valid Security Identifier (objectSid) attribute.

Collected Data

The collected data includes a predefined set of single-value attributes that enrich the basic identity metadata for users, groups, and other security principals found in Active Directory.

For a list of the currently included attributes, see ad.ds_objects in the File Reporter 24.1 Custom Query Guide.

Performing Scans

Scheduling Identity Scans

Active Directory Identity Scans run once per day at midnight.

Support for custom schedules will be added in a future release.

Performing an Immediate Scan

To perform an immediate scan of Active Directory identity objects:

1. Log in to the File Reporter web application.

2. Select File Systems > Identities.

   

3. Click Start Scan.

Viewing Collected Identities

1. Log in to the File Reporter web application.

2. Select File Systems > Identities.

3. By default, the collected identities are grouped by domain and object type.

   

4. Use the search filters and grouping capabilities of the grid display to gain insight into the collected identities and assist with Custom Query reports.

Extending Custom Query Reports

For an example of creating a Custom Query report with extended identity information, see Active Directory Identity Enrichment in the File Reporter 24.1 Custom Query Guide.