Configure Auditing and Reporting

The following AD Bridge reporting components depend on the use of the database and the data collectors:

  • Audit and Access Reporting
  • Operations Dashboard
  • Enterprise Database Management


The reporting system includes the following components. We recommend that you deploy each component to a dedicated server.

  • Database server hosting SQL Server. The database server stores the AD Bridge event data and information about the Active Directory configuration related to AD Bridge.
  • The Collector and Reaper data collection services make up the collection server. The collection server stores AD Bridge agent event data from multiple agents and periodically copies that data to the database server, BeyondInsight, or both.
  • A Windows machine with AD Bridge and RSAT installed and joined to the domain. In this section, this machine is referred to as the Admin machine.
    • AD Bridge group policies must be configured to allow event forwarding from AD Bridge agents to the database server through the collection server.
    • User access must include a user who can create a SQL Server database.
    • The reporting environment contains the AD Bridge agents which generate events that are forwarded to a collection server, and the LDBUpdate utility, which updates the database server with information on cells, computers, etc.

To communicate with SQL Server, AD Bridge currently only supports .NET Framework Data Provider for SQL Server (SqlClient) in the System.Data.SqlClient namespace. OLE DB and ODBC are not supported.

For more information, see .NET Framework Data Providers.

The AD Bridge Reporting Landscape

The diagram outlines the flow between the agent machine, collection server, database server and the admin machine for the BeyondTrust Management Console.

Diagram of the AD Bridge reporting system components