Frequently audit the central directory (Active Directory or LDAP directory)

Surveillance of the internal directory allows you to detect dormant accounts, new unjustified accounts, too many rights, access at unusual times, etc.

Closely monitoring the central directory of the business is an important proactive security activity, because it allows the timely detection of accounts the use or access of which reveals malicious activity.