ANALYSIS AND MAPPING OF LOG ERRORS IN ACTIVE DIRECTORY IN A REAL PRODUCTION ENVIRONMENT: A CASE STUDY IN COMPANY USINAS ITAMARATI (UISA)
DOI: https://doi.org/10.61164/rmnm.v12i1.4231
Keywords: Microsoft Windows, Active Directory, Event logs, Corporate environment
Abstract
In corporate networks, Active Directory (AD) is one of the main tools for managing, centralizing, and authenticating user and service access. In this context, mapping the main errors related to AD is essential to prevent future failures. This article presents a case study at Alfa Company, which has 4,000 users in AD, based on the analysis of logs collected between January 2022 and December 2023. From this analysis, the 10 most frequent errors were identified and classified into two categories: Application Logs and System Logs. Each error was mapped, categorized, and represented in graphs and tables, considering type, class, frequency, affected user profile, and possible solutions. The results demonstrate that systematizing the errors contributed significantly to identifying recurring failures, assessing impacts on the corporate environment, and developing practical and effective solutions.
License
Copyright 2025 Revista Multidisciplinar do Nordeste Mineiro

This work is licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License.
Authors who publish in this journal agree to the following terms:
Authors retain copyright and grant the journal the right of first publication, with the work simultaneously licensed under the Creative Commons Attribution License, which permits the sharing of the work with proper acknowledgment of authorship and initial publication in this journal;
Authors are authorized to enter into separate, additional agreements for the non-exclusive distribution of the version of the work published in this journal (e.g., posting in an institutional repository or publishing it as a book chapter), provided that authorship and initial publication in this journal are properly acknowledged, and that the work is adapted to the template of the respective repository;
Authors are permitted and encouraged to post and distribute their work online (e.g., in institutional repositories or on their personal websites) at any point before or during the editorial process, as this may lead to productive exchanges and increase the impact and citation of the published work (see The Effect of Open Access);
Authors are responsible for correctly providing their personal information, including name, keywords, abstracts, and other relevant data, thereby defining how they wish to be cited. The journal’s editorial board is not responsible for any errors or inconsistencies in these records.
Note: All content of the work is the sole responsibility of the author and the advisor.
