NetIQ Change Guardian provides enhanced user monitoring in conjunction with NetIQ Directory and Resource Administrator (DRA). Together they provide an integrated solution to control, manage, and monitor the Active Directory environment.
For example, when you use DRA to make changes to Active Directory, and you create a user from the Create User wizard in DRA, the Change Guardian server gets notified and the web console displays the actual user name of the user who logged in to DRA to make Active Directory changes.
By monitoring activity in Active Directory, Change Guardian can detect if users are bypassing DRA and making changes to Active Directory that are not compliant with the policies defined in DRA.
NetIQ Change Guardian displays the actual user name for the following specific set of actions performed using DRA in Active Directory:
User account created
User account modified
User account unlocked
Active Directory (AD) object created
Active Directory (AD) object modified
Computer account created
Computer account modified
Enable computer
Disable computer
Contact created
Contact modified
Group created
Group modified
Organizational Unit (OU) added
Organizational Unit (OU) modified