Checklist for Auditing Systems Outside of Active Directory
Here is the overall process for auditing a computer that isn't joined to Active Directory, including links to documented procedures.
| Step # | Actions | Details | |
|---|---|---|---|
| Create the audit installation | |||
| 1 | For the audit store that includes the collector that you will enroll to the Privileged Access Service, edit the audit store scope so that it includes the following: The site or subnet that the collector is in The IP address or subnet of the system to be audited (the one that isn't in Active Directory) | Creating a new installation | |
| Add the audit installation to the Admin Portal and enable auditing | |||
| 2 | Install a connector on a Windows computer in the Active Directory domain Note: For now, do not install a connector on the same computer as a collector. | "How to install a connector" in the Privileged Access Service help | |
| 3 | In the Admin Portal, enable auditing for the audit installation. | "Enabling auditing for remote sessions" in the Privileged Access Service help | |
| 4 | Verify the connector status in the Admin Portal. Note: If your deployment is across multiple Active Directory forests or you have multiple DirectAudit installations, your deployment will include multiple cloud connectors. In this kind of deployment, you should configure each non-Active Directory system to use only the cloud connectors that are in the same Active Directory forest as the desired DirectAudit installation. You can configure which connectors should be used in the system's Connector settings in the Admin Portal. For details, see the "Selecting the connectors to use" topic in the Privileged Access Service help. | "Reference content - Connector configuration program" in the Privileged Access Service help | |
| Configure the collector | |||
| 5 | On the computer where the collector is or will be, install the Delinea Client and enroll the computer in the Privileged Access Service. The collector needs to be joined to Active Directory and enrolled in the Privileged Access Service. | "Installing and using the Delinea Client for Windows" in the Privileged Access Service help | |
| 6 | Install a new collector or reconfigure an existing collector so that the collector receives audit data according to the cloud settings. | Configure the audit collector service | |
| Configure the computer to be audited | |||
| 7 | In the Admin Portal, download the Delinea Client installers and get an enrollment code | "Installing and using the Delinea Client for Windows" in the Privileged Access Service help "Enrolling and managing computers using Delinea Client for Linux" in the Privileged Access Service help "Enrolling a computer" in the Privileged Access Service help | |
| 8 | In the Admin Portal, make sure that the user account you'll use to run the installer has the permissions to enroll the system. | "Admin Portal administrative rights" in the Privileged Access Service help | |
| 9 | On the computer to be audited, make sure that its DNS setting are set so that it can contact and be contacted by the collector computer. | On the computer to be audited, make sure that its DNS settings are set so that it can contact the collector computer by its fully qualified domain name (FQDN). | |
| 10 | Install the client and enroll the computer in the Privileged Access Service. | "Installing and using the Delinea Client for Windows" in the Privileged Access Service help "Enrolling and managing computers using Delinea Client for Linux" in the Privileged Access Service help | |
| 11 | In the Admin Portal, verify the enrollment. | In the Admin Portal, go to Resources > Systems to verify the enrollment status. | |
| 12 | Install the audit client package(s): Windows: Install the Windows audit package. Linux: First install the OpenSSL package, and then install the Linux audit package.. | "Downloading the audit packages for the Delinea Clients" in the Privileged Access Service help | |
| 13 | In Audit Manager, verify that the computer is being audited. | Managing audited computers and agents |
