Documentation forAccess Rights Manager

Set alerts for user accounts

Background / Value

The AD Logga allows you to monitor the process of resetting passwords. Within this process there is an inherent security risk. For example, if a helpdesk employee secretly resets the password of a manager or executive, they can sign on with a temporary password and gain access to sensitive information. In this scenario the designated users are informed.

 

Related features

Set alerts for groups

Set alerts for OUs/domains

Manage alerts

 

Step-by-step process

  1. Find the desired user by entering their name into the search field.
  2. Right-click on the user and select "Create alert" from the context menu.

 

C005-02 EN Alarme für Nutzerkonten anlegen

  1. Enter a title for the alert.
  2. Select an event type that triggers the alert.

 

  1. Choose Actions.
    Here you specify which actions are executed when an alert is triggered. You must activate at least one action.
  2. Activate the option if an email should be sent in case of an alert.

The content of the emails can be customized. This is analogous to the recertification emails.

  1. The alarm is written to the Windows event log using the categorization. This option is especially useful if you are using a SIEM system that monitors the Windows Event Log.
  2. Enable the execution of a script. To be able to activate this option, a script configuration for alerts must exist.

 

Activate this option to write the event to a Syslog server. Syslog servers need to be configured in the ARM configuration application under Server > Syslog.

 

Choose a category. This is used when writing to the Windows Event Log and for the email subject.

 

  1. You must specify a reason for the alert configuration in order to save it.
  2. Click on "Create".