Rollback for Active Directory

Cygna Auditor enables you to rollback unwanted Active Directory changes, such as changes to group membership, user properties, and other AD attributes. Empowered with this feature, you can not only detect security issues but also fix them in a fraction of second and with a highest precision (up to individual attributes!).

If you are looking for a way to recover deleted AD objects, see Recycle Bin for Active Directory.

Note: If the object was deleted, you cannot roll back changes to its attributes. You have to restore the object with Recovery.

To add events to rollback queue:

  1. Navigate to Tools / Active Directory Rollback.
  2. On the Events tab, review recent changes. Apply filters to search for specific changes.
  3. Select changes you want to rollback and then select checkboxes next to these entries— these changes will be added to a queue.

  4. On the Rollback Queue tab, review the items you are about to rollback to their previous values.

    To rollback specific attributes or to a certain snapshot, select . Cygna Auditor rolls back changes and reverts objects to the state they were at the moment of the snapshot creation. You can use the most recent snapshot or a snapshot taken on a certain date. Follow the wizard to review attribute values that are going to be reverted.

  5. Click Process Queue.
  6. On the next step, select timing, provide administrator credentials, and provide an email address if you want to send a rollback status email.
  7. Select Process Queue Entries.

To see pending rollbacks and status:

It may take a while to roll back changes.

  • Go to the Pending Rollbacks tab to see the rollback queue, with details and status for each change. To remove a change from a queue and cancel its rollback, click on the recycle bin icon next to it.