Frequently Asked Questions
Answers to commonly asked questions about Enzoic for Active Directory
When the LSA receives a user password change, it notifies Enzoic’s Password Filter DLL. The Enzoic Service then connects via HTTPS to the Enzoic Cloud API to check the new password and return a response. If the password is identified as compromised, it is rejected. If the password is not compromised, the password change operation is allowed to proceed.
Separately, an Enzoic Console application is installed as a user interface to define the desired configuration. The configuration is stored in Active Directory and replicated to other domain controllers via standard AD replication. The Enzoic Console is installed by default on the Domain Controller, but can be installed on any server connected to the domain.
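To confirm on a domain controller which password filter DLLs the LSA is configured to notify, the added example below (not Enzoic's code) reads the standard Windows `Notification Packages` registry value and reports each DLL's Authenticode status. It assumes the entries are DLL base names located in `%SystemRoot%\System32`, and it does not assume the Enzoic DLL's file name, which this page does not give.

```powershell
# Added example: list the notification packages (password filters) that LSA
# is configured to load and report each DLL's signature status.
# Run in an elevated PowerShell session on the domain controller.

$lsaKey = 'HKLM:\SYSTEM\CurrentControlSet\Control\Lsa'

# "Notification Packages" is a REG_MULTI_SZ of DLL base names (no ".dll").
# Assumption: each entry resolves to %SystemRoot%\System32\<name>.dll.
$packages = (Get-ItemProperty -Path $lsaKey -Name 'Notification Packages').'Notification Packages'

$report = foreach ($name in $packages) {
    if ([string]::IsNullOrWhiteSpace($name)) { continue }

    $path = Join-Path $env:SystemRoot "System32\$name.dll"

    if (-not (Test-Path -LiteralPath $path)) {
        # Registered in the registry but no file on disk.
        [pscustomobject]@{
            Package = $name; Path = $path; Present = $false
            SignatureStatus = 'n/a'; Signer = $null; LastWriteTimeUtc = $null
        }
        continue
    }

    $sig  = Get-AuthenticodeSignature -FilePath $path
    $file = Get-Item -LiteralPath $path

    [pscustomobject]@{
        Package          = $name
        Path             = $path
        Present          = $true
        SignatureStatus  = $sig.Status                  # Valid, NotSigned, HashMismatch, ...
        Signer           = $sig.SignerCertificate.Subject
        LastWriteTimeUtc = $file.LastWriteTimeUtc
    }
}

# Full inventory of what LSA will notify on a password change.
$report | Format-Table -AutoSize

# Entries that are missing on disk or not validly signed deserve review.
$report | Where-Object { -not $_.Present -or $_.SignatureStatus -ne 'Valid' }
```

Comparing this output across domain controllers, and against a known-good baseline after installation, shows whether every DC has the same set of filters registered.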
Enzoic for Active Directory supports any Windows Server 2008 R2 or greater for Forest and Domain functional level. Microsoft .NET Framework 4.5 is required. Enzoic for Active Directory requires an active Internet connection. You can specify a proxy server if you do not want Enzoic for Active Directory communicating directly over the Internet. If your firewall requires whitelisting IPs for traffic on port 443, please see Firewall Requirements in our Enzoic for Active Directory Installation Instructions.
Organizations have unique needs, so the automated responses can be customized when compromised or weak passwords are found. Organizations can automatically force a password reset, disable the account, or send alerts to an admin, the IT helpdesk or the user. The organization can then select the appropriate automated action—ranging from prompting the user to change their password on some future login to instantly disabling the account.
Yes. Enzoic for Active Directory logs important events to a JSON-format log file, which can be ingested into SIEM systems. Read: Documentation for SIEM Logging