Frequently Asked Questions
Answers to commonly asked questions about Enzoic for Active Directory
GENERAL
Enzoic for Active Directory registers a standard Microsoft Password Filter. This filter gates user password changes and checks candidate passwords against a continuously updated cloud database of exposed passwords using a partial-hash-based comparison.
When a user password change is received by the LSA, it notifies Enzoic’s Password Filter DLL. The Enzoic Service connects via HTTPS to the Enzoic Cloud API to check a partial hash of the new password. If the password is identified as compromised, it is rejected. If the password is not compromised, the password change operation is allowed to proceed.
INSTALLATION
Enzoic for Active Directory supports any Windows Server 2008 R2 or greater for Forest and Domain functional level. Microsoft .NET Framework 4.5 is required. Enzoic for Active Directory requires an active Internet connection. You can specify a proxy server if you do not want Enzoic for Active Directory communicating directly over the Internet. If your firewall requires whitelisting IPs for traffic on port 443, please see Firewall Requirements in our Enzoic for Active Directory Installation Instructions.
FEATURES
Root password detection provides more flexibility in the setting configuration. This option enables or disables the function that determines a "root" password. It does this by removing trailing numbers and symbols.
For example:
- The password Blackberry1234!!! has a root password of Blackberry.
- If this option is enabled, the root password of Blackberry is checked along with the other calculated variants.
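The following Python example is added here and is not Enzoic's code or API. It derives a root password by stripping trailing numbers and symbols, then checks the candidate and its root through a partial-hash lookup of the kind described under GENERAL. SHA-256, the 10-character prefix, the in-memory index, the candidate-hash response and all function names are assumptions; the exposed-password list is constructed, and only the root variant is modelled.

```python
import hashlib
import re

PREFIX_LEN = 10  # assumed number of hex characters that leave the server


def sha256_hex(password: str) -> str:
    return hashlib.sha256(password.encode("utf-8")).hexdigest()


def root_password(password: str) -> str:
    """Strip trailing digits and symbols; keep the original if nothing remains."""
    root = re.sub(r"[\W\d_]+\Z", "", password)
    return root or password


# Constructed stand-in for the cloud database: full hashes indexed by prefix.
EXPOSED = ["Blackberry", "letmein", "123456"]
INDEX = {}
for _pw in EXPOSED:
    _h = sha256_hex(_pw)
    INDEX.setdefault(_h[:PREFIX_LEN], set()).add(_h)


def lookup(prefix: str) -> set:
    """Hypothetical service side: sees only the prefix, returns candidate hashes."""
    return INDEX.get(prefix, set())


def is_compromised(password: str) -> bool:
    """Client side: send the prefix only, compare the full hash locally."""
    full = sha256_hex(password)
    return full in lookup(full[:PREFIX_LEN])


def filter_decision(candidate: str, check_root: bool = True) -> bool:
    """Return True to allow the password change, False to reject it."""
    variants = [candidate]
    if check_root:
        root = root_password(candidate)
        if root != candidate:
            variants.append(root)
    return not any(is_compromised(v) for v in variants)


if __name__ == "__main__":
    for pw in ["Blackberry1234!!!", "123456", "correct horse battery staple"]:
        print(pw, "->", "allow" if filter_decision(pw) else "reject")
```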
Yes. There is a Monitored Users report displaying the status of all protected user accounts. Compromised accounts are clearly indicated. If an account is not being monitored, the reason is shown.
- The Monitored Users report can be filtered and sorted from the Enzoic Console.
- Data from this report can be exported to a CSV file that can be used by automation scripts or opened in applications such as Excel.
Yes. Enzoic for Active Directory logs important events to a JSON-format log file that can be ingested into SIEM systems. Read: Documentation for SIEM Logging