AD Problems

What are Active Directory Problems?

ConnectSecure scans Active Directory objects, automatically classifies them into a Problem Group, and helps identify potential security issues.

Active Directory scanning runs on the following intervals

Azure AD = automatically syncs once per day

Prem AD = syncs based on the Scheduler or every 15 minutes if AD Audit is Enabled

NOTE: User Password Never Expires is excluded per NIST guidelines:

NIST SP 800-63 Digital Identity Guidelines-FAQ

Active Directory - Problems - Table of Contents

1 Active Directory - Problems - Overview
2 Active Directory Problems - Details
- 2.1 Problem Groups
- 2.2 Problem Group Details
3 Active Directory - Problems - Action Toolbar Overview
4 Active Directory - Problems - Side Navigation Toolbar Actions
- 4.1 Alerts
5 Need Support?

Active Directory - Problems - Overview

This is your view into the Problem Groups the Active Directory Scan/Audit identified.

Active Directory Problems - Details

Problem Groups

Active Directory problems identified will be classified automatically into our Problem Groups, which include:

Active User Not Logged In For 30 Days
Computer Not Logged In For 30 Days
Empty Security Groups
Failed Login Attempts
MFA Not Enabled For Azure Users
Multiple Administrators in OU
Non-Security Enabled Groups
Password Policy Compliance
User Account Lockouts
User Password Not Required

These will default according to the Problem Count value from highest to lowest.

Problem Group Details

Group Details will include the following fields.

Field	Description

Field	Description
Name	Displays the Active Directory category for the problem
Distinguished Name	Displays the unique (DN) for entry within Active Directory (Example: CN=Access Control Assistance Operators,CN=Builtin,DC=ad,DC=mycybercns,DC=com)
Canonical Name	Displays the unique (CN) attribute associated with the object (Example: Access Control Assistance Operators)
Display Name	Displays the full Active Directory display name (Example: DC=ad,DC=mycybercns,DC=com)
Domain	Displays the associated Domain Name (Example: ad.local)
Group Created	Displays the date/time stamp for group creation date
Is Critical System Object	Displays a YES if true, otherwise it is blank for FALSE
Managed By	Displays the managed by details, when applicable: (Example: CN=Organization Management,OU=Microsoft Exchange Security Groups,DC=ad,DC=mycybercns,DC=com)

Active Directory - Problems - Action Toolbar Overview

The side toolbar contains only the Alerts section.

Active Directory - Problems - Side Navigation Toolbar Actions

Alerts

Tap to view the System Events in the timeline style format for the selected company.

Need Support?

Contact our support team by sending an email to support@connectsecure.com or by visiting our Partner Portal, where you can create, view, and manage your tickets.

https://cybercns.freshdesk.com/en/support/login