Skip to content
Active Directory Pro Docs

AD Audit Pro Release Notes

v1.0.3

Section titled “v1.0.3”

Mailbox reports

Section titled “Mailbox reports”
  • Mailboxes Created
  • Mailboxes Deleted
  • Mailboxes Enabled
  • Mailboxes Disabled
  • Mailboxes Modified
  • Permission Changes
  • Send As / On Behalf
  • Inbox Rules
  • Forwarding & Auto-Reply
  • Mail Item Deletions
  • Mailbox Owner Access
  • Transport Rules
  • Inbound Connectors
  • Outbound Connectors
  • Journal Rules
  • Accepted Domains
  • Remote Domains
  • Transport Configuration

v1.0.0

Section titled “v1.0.0”

First general-availability release.

Active Directory auditing

Section titled “Active Directory auditing”
  • Real-time security log watching on configured domain controllers. New events appear in the UI as they occur.
  • Captured event categories:
    • Users: created, enabled, disabled, deleted, changed, locked, unlocked, renamed
    • Computers: created, modified, deleted
    • Groups: created, deleted, member added, member removed
    • Passwords: user change, admin reset
    • Logons: success, failure, logoff, user-initiated logoff
    • Directory / GPO: object created, modified, deleted, restored, moved
    • OUs: Track changes to organizatinal units, created, deleted, moves.

Microsoft 365 auditing

Section titled “Microsoft 365 auditing”
  • Multi-tenant. Add and manage multiple Azure AD tenants independently from one install.
  • 38+ tracked operations across 9 categories:
    • Users: created, deleted, modified, enabled, disabled, hard-deleted, restored, license changed, MFA enabled/disabled
    • Groups: created, deleted, modified, restored, members added/removed
    • Passwords: user change, admin reset, force-change requirement
    • Roles: member add/remove, role create/update/delete, PIM-eligible add/remove, PIM activation
    • Applications: app registration created/deleted/modified, service principals, role assignments, consent
    • Sign-ins: success and failure with error codes
    • SharePoint: file access, preview, download, upload, modify, delete, restore, rename, move, copy, folder ops, sharing settings, anonymous links, site permissions
    • Teams: team/channel create/delete/restore, settings, member add/remove/role change, tenant settings, policies
  • Exports: CSV, Excel, PDF.

Alerting

Section titled “Alerting”
  • Real-time rule-based alerts fire as AD or M365 events occur.
  • 11 pre-seeded default rules out of the box (user deleted, admin group changes, MFA disabled, account lockout, and more), plus full custom rule creation in the UI.
  • Rule conditions: event type, source (AD / M365 / Both), wildcard patterns on actor and target, severity (Critical / Warning / Info).
  • Trigger modes: Immediate (every match) or Threshold (fire when N occurrences happen within a time window up to 30 minutes) for built-in dedup and storm prevention.
  • Delivery: email to comma-separated recipients and/or in-app inbox.
  • In-app alert inbox with filtering by date range, acknowledged status, and free-text search; shows severity, source, rule, target, and actor.
  • Acknowledgement flow: ack individual alerts or all at once; tracks who acknowledged and when.

Scheduled reports

Section titled “Scheduled reports”
  • Frequency: Daily, Weekly (pick day of week), or Monthly (pick day of month), each with a specific hour/minute.
  • Date ranges: Last 24 hours, 7 days, 30 days, or 90 days.
  • Formats: PDF, Excel, or CSV.
  • Delivery: email attachment to per-schedule recipient list.
  • Run tracking: last-run timestamp and error message stored per schedule; schedules can be enabled or disabled individually.