Required Privileges and Permissions - ADAudit Plus

Create a 'user' account in your Active Directory and configure ADAudit Plus Service / Domain Settings Page with this 'user' account for data collection, processing and report generation.

ADAudit Plus instantly starts to audit, when provided with a 'Domain Admin' account. When users' do not want to provide a 'Domain Admin' account, follow the below steps to manually configure the successful working of ADAudit Plus.

Manage Auditing and Security Log Privilege

Add the user in 'Manage auditing and security log' policy; this is present in Computer Configuration | Windows Settings | Security Settings | Local Policies | User Rights Assignment - Use a GPO and push this setting to all audited Servers.

Member of Event Log Readers

For Domain Controllers above 2003: Open Active Directory Users and Computers | Builtin Container | Add user as a member of 'Event Log Readers' group.

DCOM & WMI Permission

The 'user' must have the DCOM & WMI permission in the Domain Controller with the PDC emulator role of the domain.

Member of Group Policy Creator Owners

Open Active Directory Users and Computers | Users Container | Add user as a member of 'Group Policy Creator Owners' group

Member of Local Administrators Group

Open Local Users and Groups | Groups | Add user as a member of 'Local Administrators' group (On Every Monitored File Servers for File Server Auditing).