MFA Enrollment Audit Report
ADSelfService Plus provides MFA protection for multiple endpoints such as Windows, macOS, and Linux devices, VPN and OWA logins, and enterprise applications. Therefore, it is a crucial security requirement that every user enrolls for MFA in ADSelfService Plus. Users can enroll for various authenticators from their workstations or mobile devices. Administrators also have the option to enroll users in bulk, using CSV files.
The MFA Enrollment Audit Report displays details of every MFA enrollment action in ADSelfService Plus. The information presented in this report includes the username, time of enrollment, authenticator enrolled for, IP address, the endpoint type enrollment was attempted from, and who attempted enrollment (user or admin).
Report generation
You can generate the MFA Enrollment Audit Report by following these steps:
- Log into the ADSelfService Plus admin portal with administrator or operator privileges and navigate to Reports > MFA Reports > MFA Enrollment Audit Report.
- Specify the domain using the Select Domain option.
- Specify OUs (if necessary) using the Select OUs option.
- The Period drop-down menu can be used to specify the time period for which to generate the reports. Options include Today, Yesterday, Last 7 days, Last 30 days, This month, and Custom Period.
- Click Generate to generate the report.
Report customization
- Adding or removing columns: To add or remove columns, click the Add/Remove Columns [ ] option at the far-right side of the report page. In the Select the columns to be displayed pop-up that appears, select the required fields under Available Columns and click the right arrow [>>] to move it to Selected Columns. To remove columns, select the unused fields under Selected Columns and click the left arrow [<<] to move it to Available Columns.
- Ordering the columns: The columns' positions can also be altered by selecting a value under Selected Columns and using the Up and Down buttons to change its position.
Advanced filtering
- Once the report is generated, the entries can be narrowed-down based on the following parameters by clicking the Advanced Filter [ ] icon at the far-right of the report:
- Name: This option lets you narrow-down the enrollment attempts by username. The conditions available to refine this include Contains, Does Not Contain, Is, Is Not, Starts With, and Ends With.
- Attempted from: This option lets you display results by the name of the machine enrollment was attempted from. The conditions available to refine this include Contains, Does Not Contain, Is, Is Not, Starts With, and Ends With.
- IP Address: This option lets you display results by IP address. The conditions available to refine this include Contains, Does Not Contain, Is, Is Not, Starts With, and Ends With.
- Status: Entries can be narrowed-down by whether enrollment was a Success or a Failure.
- Attempted Action: The report entries can be narrowed-down based on the action attempted or excluding a certain action. The actions available to refine this are Admin Disenrollment, Backup Code Generation by Technician, CSV Enrollment, DB Fetcher Enrollment, Self-Disenrollment, and Self-Enrollment.
- Authenticator Name: The report entries can be narrowed based on the authenticator enrollment was attempted for. You can generate it by specifying or excluding a particular authenticator.
- Access Mode: The report entries can be narrowed based on the type of device enrollment was attempted from. You can generate it by specifying or excluding a particular device type.
- Policy Name: This option lets you narrow-down the enrollment attempts by policy name. The conditions available to refine this include Contains, Does Not Contain, Is, Is Not, Starts With, and Ends With.
Sorting
Click any of the column headers (except the Status and Authenticator columns) to view the report's entries in ascending or descending order.
Searching
- Click the search icon [ ] in order to search for specific data in the report.
- Specific users can be searched for using attributes such as their Name or IP Address.
- Searching happens using the criteria contains. For example, if the word jack is searched for using the Username column, then all usernames containing the sequence jack will be displayed as a result.
Schedule Reports, Export As, and More
- The Schedule Reports option can be used to schedule the generation of reports at specified intervals, and automatically email them to administrators or specific email addresses. Learn to schedule reports here.
- The Export As option in the right corner of the page helps export the report in CSV, PDF, XLS, XLSX, HTML, and CSVDE formats.
- The More option in the right corner of the page lists the Printable View, Send Mail, and Export Settings options.
- The Printable View option can be used to preview and print the report.
- The Send Mail option can be used to email the report to the desired email addresses.
- Additionally, you can configure custom Export Settings, such as a personalized title for the report and a header logo that you may wish to display on each page.
Don't see what you're looking for?
-
Visit our community
Post your questions in the forum.
-
Request additional resources
Send us your requirements.
-
Need implementation assistance?
Try onboarding