New Domain Admins
Purpose
The purpose of this solution is to monitor for newly created or promoted domain admins and generate alerts.
Associated Content
| Content | Type | Function |
|---|---|---|
| Domain Controllers | Group | Stores the Domain Controllers in a single place. |
| Is Primary Domain Controller | Custom Field | Used to determine whether a Domain Controller is an infrastructure master or not. |
| Validate Primary Domain Controller | Task | Validates whether a computer is an infrastructure master or not and updates the custom field Is Primary Domain Controller. |
| Infrastructure Master | Group | Stores all the available infrastructure masters in a single place. |
| New Domain Admin | Monitor | The monitor set will generate an alert for the infrastructure master when a new domain admin is detected. |
Implementation
- Read all the associated documents carefully.
- Create the custom field: Is Primary Domain Controller.
- Create the Machine Group: Domain Controllers.
- Create the task: Validate Primary Domain Controller.
- Create the deployment schedule as described in this document: Validate Primary Domain Controller.
- Create the monitor: New Domain Admin
- Create the Machine Group: Infrastructure Master.
Changelog
2026-03-27
- Retired the "New Domain Admins" custom field.
- Retired the "New Domain Admins" task.
- Added a new "New Domain Admins" monitor.
- Shifted monitoring from the task to the monitor because the task was creating irrelevant tickets.
2025-04-10
- Initial version of the document