Fill 4

Directory Ranger

Audit & Reporting for Microsoft Active Directory

icon_architecture Created with Sketch.

Architecture of the Tool

The DirectoryRanger includes a web based interface for management and working with the tool. There are additional interfaces like import of data that was collected in an external environment and update of the plugins and application itself. Authentication is also implemented as an interface to an existing AD environment to integrate smoothly in your environment without adding yet another user database. All confidential data is stored encrypted to limit the impact in case of compromise.

Architecture of the Tool
products-integration Created with Sketch.


As ERNW recommends the implementation of Administrative Tiers and Privileged Access Workstations as mandatory security controls the DirectoryRanger was designed with this and other security controls in mind. Resulting features include:

  • Updating without access to other networks
  • Web interface to avoid caching of sensitive credentials by Windows default behavior
  • Principle of least privilege
  • Custom hardening based on the requirements of the tool
products-licensing Created with Sketch.


Licenses are based on the size of your Active Directory environment. Contact us to get a quote.



  • Collects security settings from Active Directory
  • Also considers your operational procedures
  • Maps results to industry best practices or a custom baseline
  • Provides mitigation advice
  • Creates transparency about your Active Directory

Presentation Logic

  • Easy-to-use GUI
  • Comprehensive reporting capabilities
  • Rating based on ERNW AD expertise

Built-in security

  • Only needs standard user privileges
  • Includes concepts to be operated in isolated environments

Product updates

Be the first to hear about Directory Ranger progress and release dates. We'll keep you in the loop about the project's progress. Sign up now for our Newsletter:

More on More ERNW SecTools related articles on our company blog