IT Asset Tool può monitorare e registrare l'accesso degli utenti. L'audit deve essere fatto dopo aver impostato per mezzo di una GPO il log degli eventi di login/logout. (vedi F.A.Q.

IT Asset Tool rileva i seguenti eventi in ciascun sistema monitorato.

IdDescription
528Successful Logon
529Logon Failure - Unknown user name or bad password
538User Logoff
551User initiated logoff
644User Account Locked Out
4624An account was successfully logged on
4625An account failed to log on
4634An account was logged off
4647User initiated logoff
4720A user account was created
4722A user account was enabled
4723An attempt was made to change an account's password
4724An attempt was made to reset an account's password
4725A user account was disabled
4726A user account was deleted
4727A security-enabled global group was created
4728A member was added to a security-enabled global group
4729A member was removed from a security-enabled global group
4730A security-enabled global group was deleted
4740An account was successfully logged on
4767A user account was unlocked

 

  In fase di report filtrare le utenze Amministrative è possibile inserire dal menu "Config" tali utenti amministratori:

Monitor accessi utenti admin

 

Nel caso di un'installazione "Enterprise edition" non saranno necessarie ulteriori configurazioni, mentre nel caso di un'installazione Client/Server, l'audit di sistema deve essere configurato aggiungendo il parametro di avvio "admin" seguendo la seguente guida.

Esempio:

"\\server-it-asset-tool\client\ClientIAT.exe "  server=192.168.0.100 port=18888 senddelay=3600000 admin=Brian

 

N.B. nel caso ci fossero più amministratori da monitorare sarà necessario separarli con una "virgola". Es: admin=Brian,John

 

Monitor della sicurezza di Windows e Audit degli accessi amministrativi.