Documentation forAccess Rights Manager

Set alerts for OUs/domains

Background / Value

Sometimes not only a group or a single user is particularly security relevant, but an entire OU or domain. In these cases, you can configure alarms for entire OUs/domains, e.g. if a group membership has been changed, a password reset or an account locked.


Related features

Set alerts for user accounts

Set alerts for groups

Manage alerts


Step-by-step process

  1. Select Resources.
  2. Navigate to the desired domain, OU or container. You can alternatively use the search to find the desired AD object. Right-click on it and select "Create alert" from the context menu.


Select one of the following event types that can trigger the alert:

  • Account locked
  • Group membership changed
  • Password reset


You can set a threshold if needed.


  1. Choose Actions.
    Here you specify which actions are executed when an alert is triggered. You must activate at least one action.
  2. Activate the option if an email should be sent in case of an alert.

The content of the emails can be customized. This is analogous to the recertification emails.

  1. The alert is written to the Windows Event Log. The categorization is used. This option is especially useful if you are using a SIEM system.
  2. Enable the execution of a script. To activate this option, a script configuration for alerts must be stored.


Activate this option to write the event to a Syslog server. Syslog servers need to be configured in the ARM configuration application under Server > Syslog.


Choose a category. This is used when writing to the Windows Event Log and for the email subject.


  1. You must specify a reason for the alert configuration in order to save it.
  2. Click on "Create".