Cayosoft Guardian integration

With Cayosoft Guardian Integration, administrators can quickly see, understand, and roll back mistakes or malicious changes across the hybrid Active Directory environment within their scope of delegation. Cayosoft Guardian Integration extension provides Recycle Bin web queries and Undelete web action to undelete Active Directory objects and Office 365 users and groups.

Configuring Cayosoft Guardian

IMPORTANT: Before using Guardian integration with Cayosoft Administrator you should check that Cayosoft Guardian is installed and configured. Active Directory domain and Microsoft 365 tenant should be added.

For details please see these articles from Guardian Quick Start Guide:

1. Check required ports:

   1. Run this script:

      Copy

       test-netconnection {sever DNS name where Cayosoft Guardian is installed} -port 443

   2. Check that Guardian Web UI can be opened from the host where Cayosoft Administrator is installed.

2. Installation

3. Add a Tenant

4. Add a Domain

5. Activate Trial

Enabling Guardian Integration extension in Cayosoft Administrator

In order for you can see Recycle Bin queries in Web Portal and be able to undelete objects, you should enable the Guardian Integration extension and configure its' settings.

1. In the Cayosoft Administrator Console navigate to Home > Configuration > Connected Systems Extensions > Cayosoft Guardian Integration

2. Check Extension is enabled.

3. Specify extension settings. For details please see Cayosoft Guardian Integration extension settings article.

Recycle Bin web queries

When the Guardian Integration extension is enabled, you will see the Recycle bin queries in the Web Portal.

NOTE: f Recycle Bin is not enabled in the Active Directory domain, search for the users in the AD Recycle Bin only by cn and samAccontName attributes.

If Recycle Bin is enabled in the domain you can search also by givenname, sn, UserPrincipalName, or DisplayName attributes.

The Recycle Bin Web Query web query in Active Directory Admin Unit that displays deleted Active Directory objects by delegated scope.

The Recycle Bin (Users) web query and Recycle Bin (Groups) web query in Microsoft Office 365 container that displays deleted Office 365 users and groups. The Azure AD Administrative Unit can limit the scope.

Performing objects undelete

For the delegated administrators can use Recycle Bin queries in Web Portal, add a Role-based delegation with these queries in the delegation rule scope.

Each Recycle bin web query has an Unde to undelete the object that is in the scope of the corresponding query.