Active Directory Listen Operation

Overview

The Active Listen operation attaches a listener to the target Active Directory instance, waiting for any changes in the directory. When a change occurs the containing operation list is notified of changes and subsequently executes.

Technical Requirements

The Active Directory Listen operation requires an operational target Active Directory instance to check for changes against. This target Active Directory instance needs to be configured with a set of access privileges which will facilitate the connection details specified by the selected AD Agent.

Usage

This operation can be used to complement the Active Directory Changes or Active Directory Sync Changes operations to improve the timeliness of change notification.

Configuration

In addition to the common listen operation configuration settings shared by all Listen Operations, the Active Directory Listen operation requires the following by way of configuration:

Name
Description
Distinguished Name Base DN to begin searching on, typically referring to an organizational unit.
Filter LDAP filter to apply to search results.
Search Scope

A description of the scope of the search:

  • Subtree : check all children of the selected node and their respective children (and so on).
  • OneLevel: check all children of the selected node but ignore their children.
  • Base : only check the selected node
Attribute Name The name of the lastLogon attribute, to be used if logons should be ignored for change detection.
Allowance

The minimum time difference allowed against which changes will be ignored.

E.g. If this value is set to 30 seconds, logins within 30 seconds of checking will be ignored. (Already processed changes will also be ignored)

Name
Description
Distinguished Name Base DN to begin searching on, typically referring to an organizational unit.
Search Scope

A description of the scope of the search:

  • Subtree : check all children of the selected node and their respective children (and so on).
  • OneLevel: check all children of the selected node but ignore their children.
  • Base : only check the selected node
Attribute Name The name of the lastLogon attribute, to be used if logons should be ignored for change detection.
Allowance

The minimum time difference allowed against which changes will be ignored.

E.g. If this value is set to 30 seconds, logins within 30 seconds of checking will be ignored. (Already processed changes will also be ignored)

CHECK: An Active Directory agent is required to configure an Active Directory Listen operation.

Image 3534

Operation Active Directory Listen Operation

Is this article helpful for you?