Settings
The Settings section in ADG lets you configure Automatic Scanning, Essentials, Proxy, Reporting, and SMTP.
⚡ Automatic Scanning
Automatic Scanning allows you to check SpyCloud’s database as frequently as every 5 minutes. This ensures you are able to act on critical employee exposures as soon as SpyCloud finds them.
- Runs in the background on a 5-minute interval, plus the time the previous scan took to complete.
- Replicates only the affected AD objects, making scans fast (seconds or minutes vs. hours).
- Does not use the advanced analytics of a full scan (e.g., fuzzy matching, IDLink).
Behavior:
- If no new exposures are found → the cycle restarts after 5 minutes.
- If new exposures are found → the scan completes, then the next starts 5 minutes later.
Notifications:
- Emails are sent only if an active match is found or a scan fails.
- Scans are added to the dashboard only if new data is found.
Recommendation: Use Automatic Scans for near real-time monitoring, and schedule Full Scans daily for richer analytics.
Where to Configure:
- From the Automatic Scan module on the dashboard, or
- From Settings → Automatic Scanning in the left navigation
On the Automatic Scanning page, you can enable/disable scans, set a remediation policy (or create one), and configure notification emails.
👉 For steps on creating a remediation policy, click here. 👉 For steps on configuring SMTP email, click here.
On repeated failures: one failure email is sent immediately, then no more than once per hour.
🧰 Essentials Settings
Go to Settings → Essentials to update:
- SpyCloud API Key configuration
- Local Active Directory configuration
Use this section when credentials or AD connection details change.
🌐 Proxy
If your environment requires HTTP(S) traffic to go through a proxy:
- Navigate to Settings → Proxy
- Enter:
- Host (must include
http://orhttps://) - Port
- Host (must include
- Click Save
📈 Reporting
ADG can report high level scan statistics and diagnostic data back to your SpyCloud Enterprise Portal. This data provides greater insight into exposure risk, helps with debugging, and informs optimization of future ADG releases.
Navigate to Settings → Reporting.
Data Collected per Scan
| Category | Details |
|---|---|
| Matches | Active AD user matches; password matches by type (Exact, Fuzzy, Banned, NIST Global) |
| Resolutions | Resolved matches grouped by type (Exact, Fuzzy, Banned, NIST Global) |
| Scan Metadata | Start/end time, scan options, diagnostic data |
| Domain Controller | Domain, name, OS version |
| ADG Host | ADG version, uptime, log file size, DB size, memory consumption |
| Host System | Hostname, OS version, CPU cores, machine ID |
Opting Out:
- Reporting is enabled by default.
- To disable: check Opt out of reporting ADG scan statistics.
- Contact support via the SpyCloud portal to delete historical data if needed.
✉️ SMTP
ADG has the ability to send emails in certain situations. In order to send emails, ADG needs to be configured to talk to an SMTP server.
Navigate to Settings → SMTP.
SMTP Server
- Host: FQDN of the SMTP server
- Port: 25, 465, 587, or 2525
- Security: TLS on a Dedicated Port or StartTLS After Connection
- Sender Email Address: configure a default sender, then Save
Authentication
- Enter Username and Password if required
- Leave blank for anonymous SMTP
Testing & Reset
- Send a Test Email to confirm operation
- Delete Configuration and Credentials to clear all fields
Email Template Defaults
Set defaults for templates:
- Default To
- Default Reply To
- Default Sender Name
Multiple values can be added line by line.
Updated 2 months ago