All versions of Centrify Auditing and Monitoring Service
Problem:
In a trusted cross-forest environment, the DirectAudit installation object is configured in Forest A while the Centrify agent / Collector console is located in Forest B. When a user tries to enable the Auditing and Monitoring Service, the service is not available in the list.
Solution:
This is expected behavior. The Centrify agent (and the Centrify Audit Collector) is designed never to cross the forest boundary when searching for a DA installation; it only looks in its own forest.
The best practice to set this up would be publishing the DA Installation ServiceConnectionPoint object into Forest B with the following steps:
- Open up Audit Manager console -> Installation -> Properties -> Add Publication location to remote forest
- Install an additional Audit Collector in the remote forest and configure it to talk with the remote installation
This way the agents from that forest will be able to see this DA Installation and communicate with the local forest collector for auditing. Please note that the logged-in user needs AD permissions to write to the selected OU/container in the remote forest; otherwise this operation will fail.
Workaround:
If publishing the DA Installation object to the remote forest is not possible, you can work around the issue with one of the following methods, which force the agent to talk to a specific installation.
1. Define the Group Policy with the Installation name or GUID
Computer Configuration > Policies > Centrify DirectAudit Settings > Common Settings > Installation
- Set the location as the DA installation object
2. Configure the Installation registry key on the Windows machine
- Set the value as your Installation GUID (You can find it from the properties of the DA Installation SCP object)
- Restart the agent to enable Auditing and Monitoring Service
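
To confirm what an agent can discover, the following added example (not Centrify code) lists the serviceConnectionPoint objects in each forest separately, so a missing publication in Forest B shows up as an empty result. The forest names and installation name are placeholders, and it assumes the installation name appears in the SCP's name or keywords and that the object was published to an OU/container in a domain partition.

```powershell
# Added example, not Centrify code. Requires the ActiveDirectory module (RSAT).
Import-Module ActiveDirectory

function Find-InstallationScp {
    param(
        [Parameter(Mandatory)][string]$Forest,   # DNS name of the forest to search
        [Parameter(Mandatory)][string]$Pattern   # text expected in the SCP name or keywords (assumption)
    )
    # Walk every domain of this one forest only; like the agent, never follow the trust.
    foreach ($domain in (Get-ADForest -Server $Forest).Domains) {
        # Default search base is the domain naming context, where OUs/containers live.
        Get-ADObject -Server $domain `
                     -LDAPFilter '(objectClass=serviceConnectionPoint)' `
                     -Properties keywords, serviceBindingInformation, whenChanged |
            Where-Object {
                $_.Name -like "*$Pattern*" -or
                ($_.keywords -join ' ') -like "*$Pattern*"
            } |
            Select-Object @{ n = 'Domain'; e = { $domain } },
                          Name, DistinguishedName, ObjectGUID,
                          keywords, serviceBindingInformation, whenChanged
    }
}

# Placeholders: replace with your own forest names and installation name.
$installation = 'ExampleInstallation'
foreach ($forest in 'foresta.example.com', 'forestb.example.com') {
    $hits = @(Find-InstallationScp -Forest $forest -Pattern $installation)
    if ($hits.Count -eq 0) {
        Write-Warning "${forest}: no matching SCP; agents in this forest will not list the installation."
    } else {
        $hits | Format-List
    }
}
```

Run it with an account that can read both forests; after publishing, the same installation should be returned for Forest B as well as Forest A.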