netwrix · pavelshabanov2025 · Apr 30, 2026 · May 13, 2026 · May 21, 2026 · May 26, 2026
@@ -124,7 +124,7 @@ Create a login for the Entra ID application to access audit configuration.
 ### 3.1 Connect to SQL Managed Instance
 
 Use SQL Server Management Studio (SSMS) or Azure Data Studio with an account that has:
-- Azure AD admin privileges on the SQL MI
+- Microsoft Entra ID admin privileges on the SQL MI
 - `sysadmin` server role or equivalent permissions
 
 ### 3.2 Create Login from External Provider
@@ -339,7 +339,7 @@ Run the Netwrix Auditor Add-on Setup Wizard and follow these configuration steps
   your-sql-instance.public.<region>.database.windows.net,1433
   ```
 - **Database Name**: `master` (for audit collection)
-- **Authentication**: Azure Active Directory
+- **Authentication**: Microsoft Entra ID
 - **Blob Path**: Full path to audit logs container:
   ```
   https://stnetwrixsqlmi001.blob.core.windows.net/audit-logs/<managed-instance-name>

@@ -66,7 +66,7 @@ Create monitoring plans for Azure Files to track file and folder changes across
 ### Step 5: Test Connection
 
 Click **Test Connection** to verify:
-- Azure Active Directory authentication
+- Microsoft Entra ID authentication
 - Storage account access
 - Audit log collection
 

@@ -41,7 +41,7 @@ to save audit events on **"log storage accounts"**. Ensure you have the necessar
 
 ## Configuration Scope Overview
 
-- **[Azure Application Registration](#azure-application-registration)** - Create Azure AD application
+- **[Azure Application Registration](#azure-application-registration)** - Create Microsoft Entra ID application
 - **[Configure API Permissions](#configure-api-permissions)** - Assign required permissions for created application in EntraID
 - **[Assign Identity and Access Management (IAM) Roles to the App](#assign-identity-and-access-management-iam-roles-to-the-app)** - Assigning roles to Resource Group, Data Storage Account, and Log Storage Account
 - **[Diagnostic Settings](#diagnostic-settings)** - Configure audit logging
@@ -120,7 +120,7 @@ Click **Grant admin consent for TenantName**
 **Why this is required:**
 - By default, applications can't query Microsoft Graph for directory-wide information
 - Admin consent allows the app to use **User.Read.All**
-- This lets Netwrix Auditor query Azure AD and resolve **user SIDs → user accounts → display names**
+- This lets Netwrix Auditor query Microsoft Entra ID and resolve **user SIDs → user accounts → display names**
 - Without admin consent, audit logs will only show unresolved SIDs instead of usernames, making reports incomplete and less useful
 
 **At the end of this step, your app has granted Microsoft Graph API permissions**

@@ -109,7 +109,7 @@ service principal using Microsoft Entra ID Admin portal:
 Follow the steps to grant the required Microsoft Entra ID (formerly Azure AD) roles to the new
 application.
 
-**Step 1 –** In the Entra portal, click **View** under Manage Azure Active Directory.
+**Step 1 –** In the Entra portal, click **View** under Manage Microsoft Entra ID.
 
 **Step 2 –** Select **Roles and admins** under Applications .
 
@@ -121,8 +121,8 @@ application.
 and click Add.
 
 See the following Microsoft article for additional information on how to create an application and
-service principal using Azure AD Admin portal:
-[Create an Azure Active Directory application and service principal that can access resources](https://learn.microsoft.com/en-us/azure/active-directory/develop/howto-create-service-principal-portal).
+service principal using Microsoft Entra ID Admin portal:
+[Create a Microsoft Entra ID application and service principal that can access resources](https://learn.microsoft.com/en-us/azure/active-directory/develop/howto-create-service-principal-portal).
 
 ### Configure Client Secret
 

@@ -78,7 +78,7 @@ data will be collected by the newly registered app). Go to the **new app setting
 permissions** and click **Grant admin consent for** *`<tenant name>`*. When prompted to confirm
 granting, click **Yes**.
 
-**Step 7 –** Go to **Azure Active Directory** — **Roles and administrators** and assign **Exchange
+**Step 7 –** Go to **Microsoft Entra ID** — **Roles and administrators** and assign **Exchange
 Administrator** role.
 
 ## Non-owner Mailbox Access Audit: Manual Configuration

@@ -46,9 +46,6 @@ Set\Services\EventLog\Security_.
 
 **Step 5 –** Check **Allow** next to the **Read** permission.
 
-**NOTE:** For auditing Logon Activity, you also need to assign the Read permission to the
-_HKEY_LOCAL_MACHINE\SECURITY\Policy\PolAdtEv_ registry key.
-
 ### Assign Permission using the Group Policy Management Console
 
 Follow the steps to assign permission using the Group Policy Management console;
@@ -66,7 +63,7 @@ the left and navigate to Policies > Windows Settings > Security Settings > Regis
 
 **Step 4 –** Right-click in the pane and select Add Key.
 
-**Step 5 –** Navigate to `HKEY_LOCAL_MACHINE\SECURITY\Policy\PolAdtEv` and click OK.
+**Step 5 –** Navigate to `HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurePipeServers\winreg` and click OK.
 
 **Step 6 –** Click Add and enter the name of the user that you want to grant permissions to and
 press Enter.
@@ -77,7 +74,6 @@ In the pop-up window, select Propagate inheritable permissions to all subkeys an
 
 Repeat the steps 4-7 for keys below:
 
-- `HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurePipeServers\winreg`;
 - `HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\EventLog\Security`.
 
 **Step 8 –** Close Group Policy Management console.

@@ -72,8 +72,8 @@ operation. The issues listed below apply to upgrade from 9.96 and 10.
     - [Permissions for Teams Auditing](/docs/auditor/10.8/configuration/microsoft365/teams/permissions/permissions.md)
 
 - For auditing cloud-based applications (Microsoft Entra ID, Exchange Online, SharePoint Online, and
-  MS Teams) with Netwrix Auditor using modern authentication: additional configuration of the Azure
-  AD app permissions is required. Review the following for more information about required rights
+  MS Teams) with Netwrix Auditor using modern authentication: additional configuration of the Entra
+  ID app permissions is required. Review the following for more information about required rights
   and permissions:
 
     - [Permissions for Microsoft Entra ID Auditing](/docs/auditor/10.8/configuration/microsoft365/microsoftentraid/permissions/permissions.md)

@@ -123,7 +123,7 @@ If you want to review the Event Log Collection Status email, the Event Log Colle
 shows whether data collection for your monitoring plan completed successfully or with warnings and
 errors.
 
-![changesummary_eventlog](/images/auditor/10.7/tools/changesummary_eventlog.webp)
+![changesummary_eventlog](/images/auditor/10.8/tools/changesummary_eventlog.webp)
 
 ## Configure Audit Archiving Filters for Event Log
 

@@ -110,7 +110,7 @@ Follow the steps to review report on inactive users.
 
 **Step 1 –** Click Generate next to Generate report on inactive users to view report immediately.
 
-![inactiveusersactivedirectory](/images/auditor/10.7/tools/inactiveusersactivedirectory.webp)
+![inactiveusersactivedirectory](/images/auditor/10.8/tools/inactiveusersactivedirectory.webp)
 
 ## Registry Keys
 

@@ -103,7 +103,7 @@ Click Generate next to Generate report on users with expired account or password
 users passwords immediately. In the Maximum Password Age Setting dialog that opens, select domain
 policy settings or specify the maximum password age in days.
 
-![passwordexpiration](/images/auditor/10.7/tools/passwordexpirationnotifier/passwordexpiration.webp)
+![passwordexpiration](/images/auditor/10.8/tools/passwordexpirationnotifier/passwordexpiration.webp)
 
 ## Registry Key Configuration
 

@@ -0,0 +1,10 @@
+{
+  "label": "Access Reviews",
+  "position": 100,
+  "collapsed": true,
+  "collapsible": true,
+  "link": {
+    "type": "doc",
+    "id": "accessreviews"
+  }
+}
@@ -0,0 +1,156 @@
+---
+title: "Access Reviews"
+description: "Access Reviews"
+sidebar_position: 100
+---
+
+# Access Reviews
+
+Netwrix Auditor supports integration with Netwrix Auditor Access Reviews, which enables business
+owners to conduct resource and group reviews and recommend changes. The integration is available for
+the following data sources:
+
+- Active Directory
+- Dell Data Storage (only Unity family)
+- NetApp
+- Nutanix Files
+- Qumulo
+- SharePoint Online
+- Synology
+- Windows File Servers
+
+## Getting Started
+
+This workflow assumes you already have Netwrix Auditor installed with configured monitoring plans
+for a supported data source.
+
+**NOTE:** Access Reviews is a separately licensed product and is not included with Netwrix Auditor.
+Make sure that you have the Access Reviews license enabled in Auditor.
+
+See the [Licenses](/docs/auditor/10.9/admin/settings/licenses.md) topic for additional information.
+
+_Remember,_ there is one single Access Review license for all data sources that can send data to the
+application.
+
+Follow the steps to use Netwrix Auditor Access Reviews in conjunction with Auditor.
+
+**Step 1 –** Install Access Reviews on the same computer where Netwrix Auditor is installed. See the
+[Installation Overview](/docs/auditor/10.9/accessreviews/installation/overview.md) topic for prerequisites and
+additional information.
+
+**Step 2 –** Configure Access Reviews. The Configuration interface is only available to users with
+the Administrator role. See the [Administrator Overview](/docs/auditor/10.9/accessreviews/admin/overview.md) topic
+for configuration settings and enabling user access.
+
+**Step 3 –** Use the Access reviews configuration tool to setup the data flow from the Auditor
+database to the Access Reviews database. See the
+[Select Data Sources](/docs/auditor/10.9/accessreviews/installation/accessreviewsconfiguration.md) topic for additional information.
+
+**NOTE:** Data upload speed depends on the amount of collected data and Auditor collectors
+configuration.
+
+**Step 4 –** Configure resource ownership through the Access Reviews Console. The Resource Owners
+interface is available to users with either the Security Team or Administrator role. Managing
+ownership is core component for the Access Reviews workflow. See the
+[Resource Owners Overview](/docs/auditor/10.9/accessreviews/resourceowners/overview.md) topic for additional
+information.
+
+**NOTE:** The [Owners & Access Reviews](/docs/auditor/10.9/accessreviews/owneroverview/owneroverview.md) topic and
+subtopics are written for the assigned owners. You can distribute the URL to this topic or download
+a PDF to be distributed to your assigned resource owners.
+
+**Step 5 –** Configure and run reviews. The Entitlement Reviews interface is available to users with
+either the Security Team or Administrator role. See the
+[Reviews Overview](/docs/auditor/10.9/accessreviews/entitlementreviews/overview.md) topic for additional
+information.
+
+Netwrix Auditor Access Reviews is now configured and ready to use.
+
+## Considerations & Limitations
+
+Review the following considerations:
+
+1. Enabling State-in-Time data collection for your monitoring plans option is not required for the
+   integration works properly.
+2. The data collected by Auditor is updated at least once a day.
+3. If a monitoring plan or a data source with enabled integration is deleted, all collected data
+   will be removed from the Access Reviews database.
+4. If there are errors in upload of data to the Access Reviews database, these errors are reflected
+   in the Netwrix Auditor Health Log and text log files; status of items and data sources in Auditor
+   is not affected by these errors.
+5. Permissions-related considerations:
+
+    - For Windows File Servers, permission data for all items in this data source is sent to the
+      Access Reviews application;
+    - Only effective top-level permissions are sent (share+NTFS);
+    - Permission data is sent per file server (entirely for each server);
+    - Transfer of permission data to the Access Reviews application is started when you enable the
+      integration for a data source.
+
+    ## Initial Configuration
+
+    Next, configure the Access Reviews for your environment:
+
+    - Console Users — Grant users access to the application starting with an Administrator account.
+      There are two levels of access: Administrator and Security Team. See the
+      [Console Access Page](/docs/auditor/10.9/accessreviews/admin/configuration/consoleaccess.md) topic for
+      information.
+
+        - Optionally, disable the Builtin Administrator account. See the
+          [Modify the Builtin Administrator Account](/docs/auditor/10.9/accessreviews/admin/configuration/consoleaccess.md#modify-the-builtin-administrator-account)
+          topic for additional information.
+
+    - Notification — Configure the Notification settings required in order for the application to
+      send email. See the
+      [Notifications Page](/docs/auditor/10.9/accessreviews/admin/configuration/notifications.md) topic for
+      information.
+
+    ## Enable Console Users
+
+    Access Reviews Console users granted one of the available roles should be notified.
+
+    **_RECOMMENDED:_** The notification should include:
+
+    - Why your organization is using Netwrix Auditor Access Reviews.
+    - What they will be doing in the Access Reviews Console.
+    - How to log into the Access Reviews Console, specifically what URL and credentials to use.
+
+    You should also provide links to the appropriate topics based on the user's role:
+
+    - Security Team — Need topics that align to the work the will be doing in the Access Reviews
+      Console:
+
+        - Ownership Administrator — Send the URL link for the
+          [Resource Owners Overview](/docs/auditor/10.9/accessreviews/resourceowners/overview.md) topic.
+        - Review Administrator — Send the URL link for the
+          [Reviews Overview](/docs/auditor/10.9/accessreviews/entitlementreviews/overview.md) topic.
+
+    - Administrator — Send the URL link for the
+      [Administrator Overview](/docs/auditor/10.9/accessreviews/admin/overview.md) topic.
+
+    ## Resource Ownership Configuration
+
+    Ownership of resources must be assigned in order to use the Access Reviews workflow:
+
+    - Resource Ownership — Assign ownership for resources to be managed through the application. See
+      the [Resource Owners Interface](/docs/auditor/10.9/accessreviews/resourceowners/interface/interface.md) topic for
+      additional information.
+    - Enable Owners — Send a notification to your owners about resource ownership with the
+      application. See the
+      [Notification to Owners](/docs/auditor/10.9/accessreviews/resourceowners/overview.md#notification-to-owners)
+      topic for additional information.
+
+    ## Access Reviews Workflow
+
+    The Access Reviews application runs attestations on resources and groups with the assigned
+    owners. The workflow consists of:
+
+    - Reviews — Configure reviews for resource Access or group Membership .
+    - Owner Performs Review — Owners process the review, potentially recommending changes
+    - Review Administrator Approval — Review and process owner recommended changes
+
+    **_RECOMMENDED:_** Set expectations for response time from owners.
+
+    Reviews can be run multiple times, maintaining a historical record for each instance. See the
+    [Reviews Overview](/docs/auditor/10.9/accessreviews/entitlementreviews/overview.md) topic for additional
+    information.
@@ -0,0 +1,10 @@
+{
+  "label": "Administrator Overview",
+  "position": 20,
+  "collapsed": true,
+  "collapsible": true,
+  "link": {
+    "type": "doc",
+    "id": "overview"
+  }
+}
@@ -0,0 +1,10 @@
+{
+  "label": "Additional Configuration Options",
+  "position": 40,
+  "collapsed": true,
+  "collapsible": true,
+  "link": {
+    "type": "doc",
+    "id": "overview"
+  }
+}