Skip to main content
TrustRadius
ManageEngine ADAudit Plus

ManageEngine ADAudit Plus

Overview

What is ManageEngine ADAudit Plus?

ADAudit Plus offers real-time monitoring, user and entity behaviour analytics, and change audit reports that helps users keep AD and IT infrastructure secure and compliant.Track all changes to Windows AD objects including users, groups, computers, GPOs, and OUs.Achieve hybrid AD monitoring with…

Read more
Recent Reviews

ADAudit Plus Review

9 out of 10
February 24, 2024
Incentivized
We have two products. One for the Domain controllers and the second for the file servers. ADAudit Plus collects all of our data, logs, …
Continue reading
Read all reviews

Awards

Products that are considered exceptional by their customers based on a variety of criteria win TrustRadius awards. Learn more about the types of TrustRadius awards to make the best purchase decision. More about TrustRadius Awards

Popular Features

View all 15 features
  • Data visualization (41)
    9.0
    90%
  • Administrator access control (44)
    8.8
    88%
  • Customizable reporting (46)
    7.8
    78%
  • Automated alerts and notifications (44)
    7.2
    72%

Reviewer Pros & Cons

View all pros & cons
Return to navigation

Pricing

View all pricing

Standard

$595

On Premise
per year

Professional

$945

On Premise
per year

Entry-level set up fee?

  • No setup fee
For the latest information on pricing, visithttps://www.manageengine.com/products/a…

Offerings

  • Free Trial
  • Free/Freemium Version
  • Premium Consulting/Integration Services

Starting price (does not include set up fee)

  • $595 per year
Return to navigation

Features

Monitoring Tasks

Various types of monitoring

7.9
Avg 8.4

Management Tasks

Various tasks required to keep systems running smoothly

8.9
Avg 8.5

Reporting

Report generation to help with system monitoring tasks

8.5
Avg 8.2

Security

Management of security aspects of system monitoring

6.6
Avg 7.6
Return to navigation

Product Details

What is ManageEngine ADAudit Plus?

ADAudit Plus offers real-time monitoring, user and entity behaviour analytics, and change audit reports that helps users keep AD and IT infrastructure secure and compliant.

  • Track all changes to Windows AD objects including users, groups, computers, GPOs, and OUs.
  • Achieve hybrid AD monitoring with a single, correlated view of all the activities happening across both on-premises AD and Azure AD.
  • Monitor every user's logon and logoff activity, including every successful and failed login attempt across network workstations.
  • Audit Windows file servers, failover clusters, NetApp, and EMC storage to document changes to files and folders.
  • Monitor system configurations, program files, and folder changes to ensure file integrity.
  • Track changes across Windows servers, printers, and USB devices with a summary of events.
  • Leverage advanced statistical analysis and machine learning techniques to detect anomalous behaviour and defend against cyber attacks.

ManageEngine ADAudit Plus Features

Monitoring Tasks Features

  • Supported: Remote monitoring
  • Supported: Network device monitoring
  • Supported: Multiple Server Monitoring
  • Supported: Multi-device monitoring
  • Supported: Automated alerts and notifications

Management Tasks Features

  • Supported: Service configuration management
  • Supported: Policy-based automation

Reporting Features

  • Supported: Performance data reports
  • Supported: Customizable reporting
  • Supported: Data visualization
  • Supported: Risk analysis

Security Features

  • Supported: Administrator access control

ManageEngine ADAudit Plus Screenshots

Screenshot of Active Directory AuditingScreenshot of Track Account LockoutsScreenshot of Logon MonitoringScreenshot of Audit User PrivilegesScreenshot of PCI - DSS Compliance

ManageEngine ADAudit Plus Video

Redinet's testimonial about ManageEngine ADAudit Plus

ManageEngine ADAudit Plus Technical Details

Deployment TypesOn-premise
Operating SystemsWindows
Mobile ApplicationApple iOS, Android, Windows Phone
Supported CountriesGlobal
Supported LanguagesEnglish

Frequently Asked Questions

ManageEngine ADAudit Plus starts at $595.

Netwrix Auditor, SolarWinds Access Rights Manager (ARM), and Splunk User Behavior Analytics (UBA) are common alternatives for ManageEngine ADAudit Plus.

Reviewers rate Multiple Server Monitoring highest, with a score of 9.2.

The most common users of ManageEngine ADAudit Plus are from Mid-sized Companies (51-1,000 employees).
Return to navigation

Comparisons

View all alternatives
Return to navigation

Reviews and Ratings

(120)

Attribute Ratings

Reviews

(1-25 of 50)
Companies can't remove reviews or game the system. Here's why
Score 9 out of 10
Vetted Review
Verified User
Incentivized
We Use ADAudit Plus to audit our AD on-prem and see who did what on accounts. This also allows us to track login attempts from an external source. We also use this platform to help manage stale accounts and accounts with too much privilege. We are also able to see what server users and admins are logging in.
  • User id tracking and modification.
  • Who logged in to what.
  • How many failed attempts per user.
  • Reporting from longer term faster.
  • GUI could be improved.
  • More customizable dashboard.
We detected that a person was logged into a server with his regular credentials when he should not have been able to since only admin accounts are allowed to do so. We saw a user getting locked accounts all the time, logging into a server, and then logging out. After he changed his password twice, the account locked out due to the login.
Score 10 out of 10
Vetted Review
Verified User
Incentivized
We use ManageEngine ADAudit Plus as a security layer for AD activity audits, automatic detection of anomalous behavior, and also as a research tool to find users vs. computers.
  • Identify unusual logins to AD, such as after hours, for example.
  • Detailed audit of user changes in AD, like account change auditing, group policy changes auditing
  • Custom Reports and Alerts
  • No changes required.
  • No changes required.
  • No changes required.
ADAudit Plus is suitable for any size of company, due to its licensing format, but I believe that in more complex scenarios, for companies that take information security seriously, it is indispensable.
Score 10 out of 10
Vetted Review
Verified User
Incentivized
i use ManageEngine ADAudit Plus to my Siem integration. also, i use it when i asked for to see who deleted file and folder and when. it even used me once to troubleshot deleted files by service account.
  • audit ad changes
  • audit deleted files
  • map service users
  • 1 click setting
  • if there is new dc, it should be added automatically
security scenarios. more than once, i used it to see changes in gpo, enabled account , etc...
February 26, 2024

ManageEngine ADAudit Plus

Score 8 out of 10
Vetted Review
Verified User
Incentivized
We use this to track and managed failed/unusual sign ins and unusual activity within our estate
  • User Audit tracking - logon/log off events
  • unusual azure logon activity
  • unusual file activity
  • AD changes
  • Easier understanding of report creation
  • more modern interface
ManageEngine ADAudit Plus is useful in identifying who changed what and when within AD and Azure AD. It is helpful in identifying why logins fail and allow easier resolution. Tracking of anomalous behaviour.
Score 9 out of 10
Vetted Review
Verified User
Incentivized
This product is used to monitor anything to do with AD
We rely on the alerts of new and disabled users as verification of our automation system.
We use the feature of Auditing selected key servers to find out when permissions change and by who.
  • Email alerts
  • Reviewing folder change permissions
  • AD permissions change reports
  • Auto update of the product
Track changes on our files servers
Track logons on servrs
Track administrator changes
Track admin AD changes
Score 10 out of 10
Vetted Review
Verified User
Incentivized
We have been a ManageEngine ADAudit Plus customer for over eight years and have used it to monitor protected Active Directory groups. The groups that we primarily monitor are groups that have elevated privileges within Active Directory, such as Domain Admins, Domain Operators, and groups that have privileges to reset passwords. If a member is removed or added to one of these groups ManageEngine ADAudit Plus will generate an email alert that goes out to system admins.
  • Monitors privledged group memberships
  • detailed reports are available
  • monitors changes to Group Policy settings
  • more robust reporting , dashboards, etc
in our environment we have found it to be most beneficial to as an alerting system when someone has been added to a privilege group that may not have been authorized to be in the group. These alerts go to the Domain Admins group that will then determine if the user role is authorized or not. We also use to track who has done Group Policy updates and may not have gone through the correct Change Control process.
Score 9 out of 10
Vetted Review
Verified User
Incentivized
Our company uses this product in multiple ways. We use it from a security and auditing perspective to monitor Windows logons to critical Windows devices, monitor account lockouts on how often they are occurring down to the source of the authentication and monitoring real-time changes in our Windows environment. From an auditing perspective we monitor file changes to critical locations, privileged user monitoring, peripheral device auditing and starting to integrate and use it in our cloud environments as well. The problems this products address for us are is provides us with deeper reporting then we used to have all of the auditing/security options available wit the product. The reporting is pretty deep, informative and easy to understand for all levels of management. Our scope and use case was for more enhanced reporting options from a security and auditing perspective in which this product excelled at for us and our needs.
  • Windows Logon Monitoring
  • File Change Monitoring
  • Privileged User Monitoring
  • USB Auditing
  • Reporting
  • Improve the initial setup as we had a few issues
  • The Managing File Server activity could be improved
  • Web portal needs to be updated from a look & feel perspective
  • Upgrade the custom reports
The ManageEngine ADAudit Plus solution is well suited for us when it comes to all of the security and auditing features and capabilities. Being in a highly regulated industry, having the access and the visibility this solution provides is so needed and very important. Also, the name carries weight as well with auditors as they are aware of the product and its capabilities as well. It currently has no areas for us as to being not appropriate.
February 26, 2024

Great bang for the buck.

Score 8 out of 10
Vetted Review
Verified User
Incentivized
We use it mostly for an information trail. It helps us troubleshoot, accidental deletions on our file server and changes to our Active Directory environment. Recently have been setting up more alerting around permission changes on objects and User creation activities.
  • Logging
  • Reporting
  • Alerting
  • Steep learning curve
  • alerting customization
It is very cost effective solution, it covers most of our needs compared to competitors at a fraction of the price. It requires a bit of work to get to a great place as far as relevant information
February 26, 2024

AD Auditing Easily

Neil Shepherd | TrustRadius Reviewer
Score 9 out of 10
Vetted Review
Verified User
Incentivized
We use ManageEngine ADAudit Plus to keep a record of logins in our data centre. This is data that we could never keep track of manually and the product does a great job. There are also some users who may not work outside of their specific hours. This allows us to report on this effectively. A 3rd aspect is troubleshooting failed RDS logins. We can track the journey more effectively.
  • Tracking user logins
  • Tracking failed logins
  • There have been occasions where the service was not running and i would not have known without logging in
  • The upgrade process could be simpler
It is most suited to keeping an eye on any potential bad actors gaining or trying to gain access
Score 10 out of 10
Vetted Review
Verified User
Incentivized
We have used ManageEngine ADAudit Plus in our organization for quite a few years. The product provides excellent granular visibility into all things Active Directory. We use the product on a daily basis and are very happy with what we can get out of the product.
  • Audit of AD groups and GPOs
  • Alerting for audit of administrative events
  • AD lockout tracking
  • Setting up an alert for a triggered event for an AD group for example could be easier to setup
I think ManageEngine ADAudit Plus is a great fit in most any enterprise scenario.
Score 8 out of 10
Vetted Review
Verified User
Incentivized
We use ManageEngine ADAudit Plus to audit our user logins, password changes, group membership changes, and a whole ton more. We utilize ManageEngine ADAudit Plus to make sure we have a log of all our administrators changes to the any file systems and also to track any rogue or hijacked accounts in the case of a security breach.
  • Auditing
  • Keeping logs of user's changes
  • A great dashboard
We have had some administrative staff make changes that were not authorized and having ManageEngine ADAudit Plus really helped us provide the evidence that they in fact made the unauthorized change. We've also had a case where some file changes were made by service accounts and that helped us figure out which ones were doing the change.
Score 10 out of 10
Vetted Review
Verified User
Incentivized
We monitor access to domain controllers and especially sensitive files on our file server. It has helped to identify when if anyone accessed or attempted to access sensitive files. It has also helped in monitoring password and username failures. We have several daily reports we use for these.
  • bad password/username monitoring
  • file access monitoring
  • logon activity monitoring
  • a security hardening section like other ManageEngine products
  • make the user interface more similar between other ManageEngine products
  • a little more detail in reports
It's been a great tool for monitoring Active Directory logins and access to files on our servers. I receive daily reports on failed logins which helps to find users with expired passwords that could be logged in to multiple computers and causing constant failed logins. As well as bad usernames which is very helpful to identify unwanted logins on computers or attempts by certain users that should not be logging in at all. We monitor access to sensitive HR and CEO files.
Ken Lubar | TrustRadius Reviewer
Score 8 out of 10
Vetted Review
Verified User
Incentivized
We use ManageEngine as an SIEM system for reporting on AD and other events. Various of our customers require SIEM systems and ManageEngine met the needs. It's pretty lightweight. We have about 50 workstations and 2 active AD controllers. Not a lot of usage against the ManageEngine but it mostly does the job. See later in the review for the good, bad, and ugly.
  • Data capture against a wide variety of sources (logs, events, windows, Linux systems)
  • Ability to find specific events in the logs
  • Basically unlimited history
  • Useful dashboard (although not really once you dig into it)
  • It's based on Java engine that is slow -- reports are often difficult to build (we are going to upgrade the machine it's running on to see if this is the issue)
  • Keeping this software up to date is a pain; there should be a better "update" function
  • The naming and navigation are terrible -- it's never clear which feature you're looking for and where it's hidden in the menus
  • Adding machines is not as easy as it should be; occasionally there are IP conflicts that are nearly impossible to resolve
ManageEngine is mostly a "check the box" solution for SIEM systems. We needed something that satisfied our customer and was cost-effective. I would highly rate the system on "worth what paid for". Support is eager to please and prompt. My only issue is that it's mostly based outside the US with helpful, but non-native speakers so it's hard to understand them. I wish they would spring for better help "phone lines" so I'm not dealing with difficult to understand and unclear speakers.
February 24, 2024

ADAudit Plus Review

Score 9 out of 10
Vetted Review
Verified User
Incentivized
We have two products. One for the Domain controllers and the second for the file servers. ADAudit Plus collects all of our data, logs, logins, changes in out domain, changes in permissions, any suspicious activity. It also sends us alerts vis Email or SMS. We also using the reports to see if there is something not as usual.
  • Dashboard
  • Reports
  • Alerts
  • The self SSL certificate is a bit tricky
  • I think the KB is outdated
The instant alerts when something happens is great, it has good details on what and who did the change or event. Can't think of a scenario where it is less appropriate.
Score 8 out of 10
Vetted Review
Verified User
Incentivized
We utilize it to address a gap in logging when it comes to tracking AD changes completed by our systems & support teams.
  • User, GPO, Computer object change auditing
  • AD activity tracking/auditing such as login failures
  • LAPS password read auditing
  • Radius logging
  • Better availability of archived logs - remounting logs can be time consuming
To provide increased logging and reporting ability in the form of a cost-effective and easy-to-deploy solution. To provide a plug-and-play solution to manage even the most decentralized AD environments.
February 24, 2024

ADAudit Plus Review

Score 10 out of 10
Vetted Review
Verified User
Incentivized
We warn users when their passwords are about to expire. Also, track who is logged onto a server when an anomaly occurs. Administrator account login failures are also tracked.
  • Account auditing
  • Account expiration
  • Account reporting
  • Nothing at this time
It is well suited for account auditing and reporting. I have not found anything I do not like.
Score 9 out of 10
Vetted Review
Verified User
Incentivized
To quickly review/investigate changes made to user accounts, groups, computers, and NetApp directories. Get immediate alerts upon changes to critical accounts, etc. Investigate account and password lockout issues. Export required reports in pdf or excel format.
  • Dashboard for Top Logon failures and recent critical alerts.
  • Monitor file server/shares for changes and alerting for critical shares.
  • Monitor critical group changes and alerting.
  • Reporting at granular level in different formats.
  • Alert profile setup with regular expressions.
Helps investigate logs much more quickly Archive logs for longer retention as most of the Active Directory logs get overridden really quickly Helps get alerts for critical changes in real-time Helps with reporting needs Provides dashboard.
Score 9 out of 10
Vetted Review
Verified User
Incentivized
We use AdAudit to centrally repository all Active Directory user and system events. And do monthly, quarterly, and yearly reporting on user interactions, permission changes, account creations, and deletions. And for helping find where people get locked out. Great tool for AD reporting all around! You can create reports in various file formats; pdf, csv, xls, etc for the necessary consumption needs.
  • AD reporting.
  • Live user account event research and review.
  • network drive access permission changes.
  • some of the reports have bugs and have been long-standing issues not resolved for years.
  • web portal has not really changed in look & feel in years.
  • not always the easiest to customize reports.
Active Directory environments ADAudit works very well. For workgroups, it won't always work the best. Pricing is very scalable for an organization of any size and growth pattern to do reporting and AD analysis. With the new offer for cloud and on-prem installation services any company can get in on this tools' use for an attractive price.
Michael Baxley | TrustRadius Reviewer
Score 9 out of 10
Vetted Review
Verified User
Incentivized
AD Audit plus lets our IT staff track changes and alerts to AD activities. Security events and change management are easily tracked, recorded, and reported.
  • Detects new users, privileged users.
  • Detects failed and successful login attempts.
  • Detects new computers added to domain.
  • Detects Group Policy Changes.
  • Integration with Azure could be better documented.
  • More analytics for compliance templates.
  • More flexible custom reports.
Tech support is quick to provide assistance with custom reports or configurations.
Score 10 out of 10
Vetted Review
Verified User
ManageEngine ADAudit plus has become an integral part of my day to day operations, it's used heavily on assisting our service desk team and the business as a whole with simple yet complex tasks such as unknown account lock outs, Reports of user activity i.e. logon and logoff reports, scheduling of reports, folder permission statuses. This has become a much needed tool in the technology arena.
  • Reporting
  • File Audits
  • Summary view of activity
  • User activity report - for some users no data is generated
  • Scheduling reporting - don't always generate the report when times are set
During the pandemic after being instructed to work from home, it became a bit challenging for departments to track employee activity, the business approached IT for a solution which we quickly constructed using ManageEngine ADAudit reports "Logon Logoff activity" this provided the business with some clarity on attendance and absences.
Score 10 out of 10
Vetted Review
Verified User
Incentivized
I use ADAudit Plus to monitor attempts to access administrative accounts and notify via email. It also helps troubleshoot accounts that are continuously locked out and other anomalies on the network. It's great for monitoring who is accessing files from our file servers as well as our QNAP NAS. Any time an admin makes a change to Group Policy, I'm notified via the change was made, by whom, and what specifically was altered.
  • Monitors network activity in real time.
  • The dashboard is clean and customizable.
  • It doesn't require many resources to run.
  • The process to update the software could be a little cleaner.
  • I'd like to be able to suppress certain alerts.
ADAudit is one of the most important tools in my arsenal regarding network security. I'm impressed by how quickly it is able to alert me if changes are made on the network. I use this tool every day as my first line of defense for cybersecurity.
Score 9 out of 10
Vetted Review
Verified User
Incentivized
We use it for checking logins and auditing account usage. When did this user login? How many times did this user try to login today? Was this user logged in at this time? The feature used mose on this product for us is login activity tracking.
  • Auditing logins and logoffs
  • Finding account lockouts
  • More azure linked tools and reports
Its been a great tool for our IT department for several years.
Score 10 out of 10
Vetted Review
Verified User
Incentivized
We use it to audit the system (changes) and the techs who are in charge of doing accounts, moving accounts, creating computers. etc.
Gives us a deeper dive into the stuff that happens in AD w/out us realizing. We utilize this tool a lot!
  • Logging
  • Features available
  • Interface and layout
  • Multiple domain access
  • Server integration
  • simplify notifications
  • some feature seem clunky
Well suited in any Active Directory environment. It helps us in a bunch of different ways but most notably the actual auditing of our environment. It hits the WHO? When? Where? for us. Who made the change, when they made the change and of course where they made the change. Being able to go back over a year is also very helpful.

If you're not in an AD environment, the software is obviously not helpful but if you are...don't miss out. Implementation is a breeze, the software works great. Support is consistent. Not the best, but definitely not the worst.
Aaron Nielson | TrustRadius Reviewer
Score 10 out of 10
Vetted Review
Verified User
We use ADAudit Plus to actively monitor our on-prem and Azure instances of Active Directory. We utilize the tool to provide alert and logging functions for multiple Active Directory user events as well as detect unexpected configuration changes to our Active Directory configuration. The tool also provides detailed account reports that can be utilized as evidence during an audit. The reports contain details such as who, what and when was changed for user, computer and groups as well as objects such as GPOs, etc. The tool also provides additional functionality such as analytic alerts and reports for anomalous user activity, file and server audits and FIM. We find this tool to be invaluable in monitoring the state of our Active Directory environment and it has helped us thwart intrusion events and malicious activity. This tool is invaluable for monitoring and auditing your Active Directory environment and it is available at a very competitive price.
  • Activity reporting
  • Alerting on anomalies and unexpected events
  • Ease of deployment and configuration
  • Excellent end user support
  • Custom alerts can be difficult to write/configure
  • Would like to see more complex alerting for common AD attacks such as Kerberosting, etc.
This audit solution is appropriate for both small and large institutions. It can provide excellent audit reports that are easily obtained and provide clear details of the who, what, when. There are other solutions that are a bit more robust when it comes to detecting and alerting on malicious activity but for the cost and customizable options, ADAudit Plus is hard to beat. I have successfully used this product to detect and thwart intrusion events. If configured correctly, it can provide robust detection and alerting capabilities.
Score 9 out of 10
Vetted Review
Verified User
Incentivized
We use ADAudit plus to keep tabs on everything that is happening in AD. Predefined and custom alerts allow for very granular alerting based on the things that matter most to you. Alerts happen in real-time for admin-related and other high-profile tasks that are happening in AD. There is also historical data that can be used for trending or troubleshooting. Reports can be generated for a large number of events. We also use this for file server auditing to see what users deleted, modified, moved, etc. files or folders.
  • Alerting on relevant events.
  • Report generation for specific scenarios.
  • Logging of meaningful data.
  • Correlation/Anomalous Activity checks.
  • In earlier releases there were quite a few bugs and performance issues. These have since been resolved.
  • When integrated with the Log360 Suite, it can be confusing on whether EventLog Analyzer or ADAudit Plus are "managing"/"Ingesting" the data from a given endpoint.
If you are using an Active Directory environment, this tool will complement any existing UEBA/SIEM type tools you have in place.
Return to navigation