Active Directory Auditing | Netwrix Product Documentation

📄️ Active Directory Permissions Analyzer reports are

Active Directory Permissions Analyzer (ADPA) reports show old data from deprecated domains. Create and run a job to remove outdated ADPA tables and repopulate them for active domains.

📄️ AD Collection Jobs Don't Support gMSA

This article explains the symptoms, causes, and resolutions for issues related to running Active Directory collection jobs with group Managed Service Accounts (gMSA) in Netwrix Access Analyzer.

📄️ AD_SecurityAssessment Explained

Lists where the AD_SecurityAssessment report retrieves data for each category, including the tables/views and jobs you can use to investigate and mitigate vulnerabilities.

📄️ Built-in Users Group Permissions

Explains whether the built-in Windows Users group (S-1-5-32-545) is required for Netwrix Access Analyzer and where to find the default installation folder and role-based access documentation.

📄️ Collecting AD Summary

Learn how to collect the Active Directory Summary report values (Total Users and Disabled Users) for licensing compliance in Netwrix Access Analyzer.

📄️ Deleted AD User(s) Still Show In Netwrix Access An

Deleted Active Directory user accounts still appear in Netwrix Access Analyzer reports because the AD Inventory (ADI) scan did not detect deletions; this article explains how to run a full AD Inventory Scan to resolve the issue.

📄️ Deleted Objects in ADInventory

ADInventory may not flag deleted objects unless it can access the Deleted Objects container or you run a full scan. This article explains why the IsDeleted column is not populated and how to grant or verify access to the Deleted Objects container.

📄️ Confirm Permissions for AD Domain Controllers

This article provides step-by-step instructions to verify the permissions of the account used in Netwrix Enterprise Auditor for the AD_DomainControllers job.

📄️ isDeleted not being checked in ADI scans

The isDeleted attribute is not being evaluated during ADI scans. Grant List Contents and Read Properties permissions on the Deleted Objects container so deleted objects are included in scans.

📄️ Missing Groups in AIC Access Groups

When you add a new share in Netwrix Access Analyzer (AIC) and see ObjectSID values instead of group names, the ADInventory scan is likely misconfigured or unable to target the correct domain controllers. This article describes symptoms, causes, troubleshooting steps, and resolution to restore group resolution in AIC.

📄️ Remove Domain Audit Data from Reports − Drop Domai

Explains how to remove audit data for a decommissioned or excluded domain by using the Drop Domain task in Netwrix Access Analyzer to delete the related data from your SQL Server.