Prerequisites

Privileges required

The following privileges and permissions are required to audit the Mac workstations in your AD environment using ADAudit Plus:

• Root or Admin privileges: Ensure that you have administrative privileges on the target Mac workstations.
• Enable SSH on Mac workstations: Ensure that SSH is enabled on the Mac workstations in order for ADAudit Plus to install the agent automatically.
• Enable the creation of mobile accounts at login: In order to facilitate authentication even when the Mac workstation is disconnected from the domain network, the Create mobile account at login setting needs to be enabled in the AD settings when joining the Mac workstation to the domain. ADAudit Plus audits the logon activity of domain accounts only. Enabling this setting will help differentiate between domain accounts and local accounts.

Technical specifications

ADAudit Plus uses port number 8555 by default for agent-to-server communication. This port needs to be opened for ADAudit Plus to audit logon events from Mac workstations.

If you have configured a network address translation (NAT) device, the NAT port needs to be opened. To find the port number used by the NAT device:

• Log in to your ADAudit Plus web console.
• Go to Admin > General Settings > Connection Settings.
• Select the NAT tab and find the port number next to the NAT Device field.