Documentation Index

Fetch the complete documentation index at: https://docs.databee.buzz/llms.txt

Use this file to discover all available pages before exploring further.

Microsoft AD Groups

  • Published on Jun 12, 2026
  • 2 minute(s) read
Prev Next

Active Directory (AD) is a centralized directory service used to manage user identities, computer accounts, and network resource access within a Windows domain network, allowing administrators to manage permissions and security policies, group memberships and user details in a single, accessible location. For more information, refer to the Microsoft page.

Integration Method: Data Collector Dynamic Ingest

Tables: Group Management (3006)

This integration supports following events:

Event

Description

ADGroupHierarchy

Get full group hierarchy of a given group to find all the nested and sub nested groups under that group.

This integration was tested against the following versions

PowerShell version

7 or later

Prerequisites

  1. Enable ADDS on the AD server.

  2. Databee console access.

  3. Install Databee data collector.

  4. PowerShell version 7 or later

  5. Windows Server WS 2022 LTSC (Standard Edition) x86_64 (64 bit)

Configuration Overview

  1. Enable ADDS on the AD server.

  2. Install Data collector.

  3. Add the Microsoft AD Groups data feed integration in the DataBee console

AD Server Configuration

To enable ADDS on windows machine if not already, follow the steps mentioned below.

  1. Go to Server Manager and click on Add Roles and Features under the Manage section.

    Server Manager dashboard screenshot showing the left navigation and the main 'Configure this local server' pane; the 'Manage' menu is expanded with 'Add Roles and Features' highlighted

  2. Click Next on both pages.

    'Add Roles and Features Wizard' screenshot showing the 'Before you begin' page of the wizard with the 'Next ' button highlighted

    Server Manager dashboard showing the Add Roles and Features Wizard dialog. The dialog is on Select installation type with Role-based or feature-based installation selected; Next button highlighted.

  3. Select Active Directory Domain Services and DNS Server.

    Select server roles dialog from the Add Roles and Features Wizard showing Active Directory Domain Services and DNS Server roles highlighted/checked in the roles list.

  4. Click Next.

    Server Manager Add Roles and Features Wizard dialog centered on the screen showing the Select server roles list (including DNS Server checked) and the Next button outlined/highlighted

  5. Click Next on other pages and on last page, select checkbox for server restart and allow it and then click on Install.

    Confirm installation selections dialog showing the Restart the destination server automatically if required checkbox checked and the Install button outlined/highlighted

  6. Once installed, click on the notifications button at the top right corner and select Promote this server to a domain controller.

    Server Manager dashboard screenshot showing the Server Manager window with Dashboard, roles and server groups tiles, and a Post-deployment Configuration notification panel

  7. Select Add a new forest and give name to domain and click Next.

    Active Directory Domain Services Configuration Wizard screenshot showing Deployment Configuration with Add a new forest selected and a Root domain name field highlighted

  8. Enter the password for the same and click Next.

    Server Manager dashboard showing the Active Directory Domain Services Configuration Wizard with the Domain Controller Options dialog in the foreground (fields for DSRM password, domain/forest functional levels, and checkboxes for DNS / Global Catalog).

  9. Ignore the warning shown and click Next.

    Server Manager with the AD DS Configuration Wizard showing the DNS Options page and a yellow warning banner stating a DNS delegation cannot be created; the Next button is highlighted at the bottom of the wizard.

  10. Click Next on all pages and at last click on Install.

    Centered screenshot of Windows Server Manager showing the Dashboard. A modal titled Active Directory Domain Services Configuration Wizard is open with Prerequisites Check selected on the left; the dialog shows a green check with the message All prerequisite checks passed successfully. Click 'Install' to begin installation. and an Install button highlighted. The Server Manager header reads Server Manager • Dashboard and server panes (All Servers, Local Server) are visible in the background.

DataBee Configuration

Install DataBee Data Collector

To install a data collector, refer to the following documentation for more information.

This section describes the steps needed for getting parameters for the data collector installation.

  1. Login to the DataBee UI, click on the settings icon at the top right corner of the UI, and select System from the dropdown.

    Screenshot of the DataBee UI overview page showing SECURITY DATA FABRIC - HEALTH panels on the left and summary widgets on the right; top-right of the screenshot displays the settings icon with a dropdown menu where System is highlighted

  2. From the left sidebar, select Data Collectors. The page will display all the data collectors configured until now.

    Screenshot of DataBee UI showing a top progress bar and a left sidebar with Data Lakes and Data Collectors menu; the Data Collectors item is highlighted with a red outline. The main panel shows a Data Lakes card with ICEBERG and Snowflake options and the footer text DataBee © 2026 Comcast at the bottom-right.

  3. To create a new data collector, scroll to the bottom of the page and click on the Add Data Collector.

    Screenshot of the Data Collectors page showing the left navigation with Data Collectors selected, a right-side card listing Data Feeds, Created On, Created By, Version, and a blue outlined button labeled Add Data Collector near the bottom center of the page.

  4. Fill in the required fields to add data collector:

    1. Collector Name: Enter the name of your Data Collector.

    2. OS: Select Windows option.

  5. Click Next to proceed to the next step.

    Modal dialog titled Add Data Collector showing fields including Collector Name, DataCollectorOS dropdown set to Linux, proxy fields, and a highlighted Next button. The modal is centered over a blurred DataBee UI background.

  6. Copy the following details using Copy to Clipboard for later use, then click on Close.

    1. Install Script

    2. Tenant ID

    3. Receiver URL

    4. Collector ID

    5. API Key (Click Show API Key to view it)

    Installation Steps modal showing code snippet for Install Script, fields labeled Tenant ID, Receiver URL, Collector ID, masked API Key field, and Copy to clipboard, Show API Key, and Close buttons. The modal content is on the left with a vertical Setup Data Collector stepper on the right.

  7. Open Windows machine where AD is configured and install data collector. (PowerShell 7 or greater is required).

  8. Paste the install script in PowerShell to install the collector and then when prompted, enter tenant id, receiver url, collector id and api key.

  9. Once installed you’ll see a message “Installation completed successfully”.

Configure Data Feed

  1. Login to the DataBee UI, navigate to Data > Data Feeds and click the Add New Data Feed button.

    Screenshot of the DataBee UI showing the left Data Management sidebar with Data Feeds selected, the main content area titled Your current data feeds displaying multiple feed cards, and the Add New Data Feed button highlighted in the top-right corner.

  2. Search for Microsoft Active Directory Groups feed and click on that option.

    Screenshot of the DataBee Add new data feed page showing a search input with the text microsoft active directory, and two result tiles: Microsoft Active Directory and a highlighted Microsoft Active Directory Groups. The page header shows progress steps Setup Data Lake, Setup First Data Feed, and Complete First Ingest. Left sidebar shows Data Management with Data Feeds selected.

  3. Click on the Data Collector option.

    Screenshot of the data feed configuration options showing multiple feed tiles (Azure Blob, Azure Event Hub, HTTP Collector, AWS S3, etc.) with the Data Collector tile highlighted with an orange border on the right side of the grid.

  4. Click on the Dynamic Ingest option.

    Screenshot of the DataBee UI showing a left sidebar with Data Feeds selected, a top progress bar with Setup Data Lake, Setup First Data Feed, Complete First Ingest, and the main area displaying selectable feed types with Dynamic Ingest highlighted in a red outline

  5. Enter feed contact information and select the connector that you created from drop down and scroll below.

    Screenshot of the Configure Data Feed form showing fields such as Data Feed Name, Owner Name, Owner E-mail, Collector and various input boxes and checkboxes for configuring Microsoft AD Groups

  6. In configuration section, confirm the following things:

    • Event Types: ADGroupHierarchy

    • Limit: Update limit value to change page size (Default: 500 records)

    • Authorization Method: Keep Windows Authentication (only supported)

    • Root Groups: Enter the name of root groups for which you want to pull out hierarchy. In case of multiple enter them, comma separated.

  7. Click Submit.

    Screenshot of DataBee configuration UI showing Data Feeds panel with fields for Event Types, Authorization Method (Windows Authentication), Limit set to 500, a Root Groups input with Administrators, and a highlighted Submit button.

Troubleshooting Tips

  • Ensure that Windows AD and data collector are configured on the same machine.

  • If you encounter any issues regarding log forwarding, refer to the DataBee troubleshooting document for detailed guidance.

Copyright © 2026 DataBee®, A Comcast Company.
DataBee® is a registered trademark of Comcast.