3.36 PropertyWatch

Use this Knowledge Script to monitor changes to any property of any Active Directory object. This script raises an event if any Active Directory property changes for an object, and if Active Directory properties are not found or are not available.

This script monitors one property at a time. By default, it monitors the whenChanged property, which includes any changes to the Active Directory object.

Because there are many different types of Active Directory object properties, some properties are not supported by this script. If you try to monitor a property that is not supported by this script, the job fails and an event is raised.

3.36.1 Resource Objects

Any Windows computer

3.36.2 Default Schedule

The default interval for this script is Every 15 minutes.

3.36.3 Setting Parameter Values

Set the following parameters as needed:

Parameter

How to Set It

General Settings

Raise event if job fails

Event severity when job fails

Set the severity level, from 1 to 40, to indicate the importance of an event in which the PropertyWatch job fails. The default is 35.

Monitor property changes for an object

LDAP path to the Active Directory object

Specify the LDAP path to the Active Directory object. For example:

LDAP://dc1.netiq.com/CN=Administrator,CN=Users, DC=dc1,DC=netiq,DC=com

Active Directory property name

Specify the name of the Active Directory property you want to monitor for changes. The default is whenChanged.

Some valid property names are:

  • isDeleted, which indicates whether the object has been deleted.

  • modifyTimeStamp, which indicates whether the object’s modification time has changed.

  • USNChanged, which indicates whether the object’s Update Sequence Number has changed.

  • whenCreated, which indicates when the object was created.

  • allowedChildClasses, which lists the classes that can be created under the object.

  • displayName, which indicates the object’s displayed name.

For example, to monitor changes to the modification time stamp for an object, specify the modifyTimeStamp property name. The USNChanged property provides similar information but uses the USN rather than a timestamp and can be useful for monitoring replicated object properties.

Event Notification

Raise event if object property has changed?

Select Yes to raise an event if the object property changes. The default is Yes.

Event severity when object property has changed

Set the severity level, from 1 to 40, to indicate the importance of an event in which the object property changes. The default is 20.

Data Collection

Collect data for changes to object property?

Select Yes to collect data for charts and reports. If enabled, data collection returns:

  • 100 -- no property changes detected, or

  • 0 -- a property has changed.

The default is unselected.