New Domain Admins
Purpose
The purpose of this solution is to monitor for newly created or promoted domain admins and generate alerts.
Associated Content
| Content | Type | Function |
|---|---|---|
| Machine Group - Domain Controllers | Group | Stores the Domain Controllers in a single place. |
| Custom Field - Is Primary Domain Controller | Custom Field | Used to determine whether a Domain Controller is an infrastructure master or not. |
| Task - Validate Primary Domain Controller | Task | Validates whether a computer is an infrastructure master or not and updates the custom field Is Primary Domain Controller. |
| Machine Group - Infrastructure Master | Group | Stores all the available infrastructure masters in a single place. |
| Custom Field - New Domain Admins | Custom Field | Stores the information of the new domain admins returned by the New Domain Admins task. |
| Task - New Domain Admins | Task | Checks and returns the newly detected domain admin(s) since the previous execution of the task. |
Implementation
- Read all the associated documents carefully.
- Create the custom field: Is Primary Domain Controller.
- Create the Machine Group: Domain Controllers.
- Create the task: Validate Primary Domain Controller.
- Create the deployment schedule as described in this document: Validate Primary Domain Controller.
- Create the custom field: New Domain Admins.
- Create the Machine Group: Infrastructure Master.
- Create the task: New Domain Admins.
- Create the deployment schedule as described in this document: New Domain Admins.