Active Directory Identity Scans
File Reporter 24.4 performs an extended collection of identities (security principals) in your Active Directory forest. The data collected is available for Custom Query reports or direct review via the Identities page, or for use with other customer-defined processes that query the database directly.
Overview
Scope
The Active Directory Identity Scan feature scans for all identities across all domains in the associated Active Directory forest. An "identity" is any object in Active Directory with a valid Security Identifier (objectSid) attribute.
Collected Data
The collected data includes a pre-defined set of single-value attributes that enrich the basic identity metadata for users, groups, and other security principals found in Active Directory — see ad.ds_objects in the File Reporter 24.4 Custom Query Guide for a list of current attributes.
NOTE: Multi-value attributes are not supported currently, except for the objectClass attribute, for which only the primary structural class value is collected. Support for multi-value attributes such as group members, direct reports, and SID history is slated for a future release.
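As an added illustration (not File Reporter code), the sketch below applies the Scope rule and the objectClass note to constructed LDAP-style entries. It assumes "valid" means a well-formed binary SID in the MS-DTYP layout and that the primary structural class is the last objectClass value as Active Directory returns it; the entry dictionaries and function names are hypothetical.

```python
from __future__ import annotations
import struct

def parse_object_sid(raw: bytes) -> str | None:
    """Decode a binary objectSid to S-1-... form; None if malformed."""
    if len(raw) < 8:
        return None
    revision, sub_count = raw[0], raw[1]
    # Assumption: "valid" = revision 1, at most 15 sub-authorities, exact length.
    if revision != 1 or sub_count > 15 or len(raw) != 8 + 4 * sub_count:
        return None
    authority = int.from_bytes(raw[2:8], "big")       # 48-bit, big-endian
    subs = struct.unpack(f"<{sub_count}I", raw[8:])   # 32-bit, little-endian
    return "-".join(["S", str(revision), str(authority), *map(str, subs)])

def to_identity(entry: dict) -> dict | None:
    """Return an identity record, or None when the object has no valid SID."""
    sid = parse_object_sid(entry.get("objectSid", b""))
    if sid is None:
        return None
    classes = entry.get("objectClass") or [None]
    # Assumption: AD lists objectClass from 'top' to the most specific class,
    # so the last value is the primary structural class.
    return {"dn": entry["dn"], "sid": sid, "object_class": classes[-1]}

def collect_identities(entries: list[dict]) -> list[dict]:
    return [i for i in map(to_identity, entries) if i is not None]

def _sid_bytes(authority: int, *subs: int) -> bytes:
    """Build a binary SID for the constructed samples below."""
    return (bytes([1, len(subs)]) + authority.to_bytes(6, "big")
            + struct.pack(f"<{len(subs)}I", *subs))

# Constructed sample entries (not real directory data).
_DOMAIN = (21, 1111111111, 2222222222, 3333333333)
SAMPLE = [
    {"dn": "CN=Alice,OU=Staff,DC=example,DC=test",
     "objectSid": _sid_bytes(5, *_DOMAIN, 1104),
     "objectClass": ["top", "person", "organizationalPerson", "user"]},
    {"dn": "CN=Domain Admins,CN=Users,DC=example,DC=test",
     "objectSid": _sid_bytes(5, *_DOMAIN, 512),
     "objectClass": ["top", "group"]},
    {"dn": "OU=Staff,DC=example,DC=test",              # no SID: not an identity
     "objectClass": ["top", "organizationalUnit"]},
    {"dn": "CN=Broken,DC=example,DC=test",             # truncated SID: rejected
     "objectSid": _sid_bytes(5, *_DOMAIN, 1200)[:-2],
     "objectClass": ["top", "person", "organizationalPerson", "user"]},
]

if __name__ == "__main__":
    for identity in collect_identities(SAMPLE):
        print(identity)
```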
Performing Scans
Scheduling Identity Scans
Active Directory Identity Scans run once per day at midnight. Support for custom schedules is slated for a future release.
Performing an Immediate Scan
To perform an immediate scan of Active Directory identity objects in the File Reporter Web Application.
Viewing Collected Identities
In the File Reporter Web Application:
- Select Identities in the File Systems menu.
- Collected identities are grouped by domain and object type, by default.
- Use the search filters and grouping capabilities of the grid display to analyze the collected identities and assist with Custom Query reports.
Extending Custom Query Reports
See Active Directory Identity Enrichment in the File Reporter 24.4 Custom Query Guide for an example of creating a Custom Query report with extended identity information.