Skip to content

New KB on account exclusions #82

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
hilram7 merged 8 commits into from
Jan 29, 2026
Merged

New KB on account exclusions #82

hilram7 merged 8 commits into from
Jan 29, 2026

Conversation

@tay-caliguiri
Copy link
Contributor

@tay-caliguiri tay-caliguiri commented Jan 27, 2026

New KB on account exclusions for multidomain environments when there is no domain trust relationship

@tay-caliguiri tay-caliguiri requested a review from a team as a code owner January 27, 2026 15:49
@tay-caliguiri tay-caliguiri added the docs:nam Activity Monitor Documentation Update/Addition/Change label Jan 27, 2026
@github-actions

This comment was marked as outdated.

Sign in to view
@tay-caliguiri
Update multi-domain-account-exclusions.md
f27ad17 
Corrected warning admonition and related links header
@github-actions

This comment was marked as outdated.

Sign in to view
@hilram7 hilram7 self-assigned this Jan 27, 2026
@tay-caliguiri
Update multi-domain-account-exclusions.md
4f31a54 
Took some suggestions from Claude and made minor improvements
@github-actions
Copy link
Contributor

github-actions bot commented Jan 27, 2026

Pull Request Review: Account Exclusions KB Article

SUMMARY:
This PR adds a new KB article documenting how to manually exclude users from untrusted domains in Netwrix Activity Monitor by adding their SID to the agent configuration file. The article is well-structured and provides clear instructions.

STRENGTHS:

  1. Clear problem definition with Symptom and Cause sections
  2. Practical step-by-step solution with PowerShell commands
  3. Good use of admonitions for warnings and notes
  4. Consistent with repository KB article structure

DOCUMENTATION QUALITY ISSUES:

PowerShell Code Block at lines 42-49:

  • Extra blank line at the beginning
  • Typo in example: space before Server parameter
  • Comment says outputs just SID but command outputs entire user object
  • Recommend adding pipe to Select-Object -ExpandProperty SID to output only the SID value

Numbered List Formatting at lines 54-56:

  • Uses tabs for sub-bullets which may not render consistently in Markdown
  • Recommend using spaces instead of tabs for better compatibility

Configuration File Path:

  • Should clarify upfront that this file is on the agent server

Frontmatter:

  • Missing knowledge_article_id field that appears in other KB articles for consistency

SECURITY CONSIDERATIONS:
No security concerns identified. The article correctly recommends using SIDs and legitimate Active Directory queries.

TECHNICAL ACCURACY:
Verified that SID-based filtering is correct approach, Windows API requirements are accurate, and delimiter parsing guidance is sound.

RECOMMENDATIONS SUMMARY:

High Priority:

  1. Fix PowerShell command typo at line 46
  2. Add pipe to Select-Object to output just the SID

Medium Priority:
3. Replace tabs with spaces in list indentation
4. Remove leading blank line in code block

Low Priority:
5. Consider adding knowledge_article_id field
6. Add PowerShell alternative for service restart

APPROVAL STATUS:
Recommend approval with minor revisions. The identified issues are minor formatting and clarity improvements that would enhance documentation quality but do not block the PR. The article provides valuable troubleshooting information with clear instructions.

@tay-caliguiri
Update multi-domain-account-exclusions.md
4184ebe 
typo in powershell command
@github-actions

This comment was marked as resolved.

Sign in to view
@jth-nw
Copy link
Collaborator

jth-nw commented Jan 27, 2026

The document looks good! You can ignore the doc reviewer stuff - I made some comments suggesting some changes (I want the doc reviewer to do it this way in the future)

@github-actions

This comment was marked as resolved.

Sign in to view
@hilram7
Proofread instructions for untrusted domain exclusions
ff29120 
Proofread — improved formatting. minor word choice revision
@github-actions

This comment was marked as resolved.

Sign in to view
hilram7
hilram7 previously approved these changes Jan 29, 2026
View reviewed changes
@hilram7
Fix YAML front matter parsing error
66b2e5d 
Fix YAML front matter parsing error — indented the block value of >-
hilram7
hilram7 previously approved these changes Jan 29, 2026
View reviewed changes
@github-actions

This comment was marked as resolved.

Sign in to view
@hilram7
Addressed Claude Code Review
94ed0dc 
Fixed typo, updated title, and standardized formatting
@github-actions

This comment was marked as duplicate.

Sign in to view
@hilram7 hilram7 merged commit d096e76 into dev Jan 29, 2026
9 checks passed
@tay-caliguiri tay-caliguiri deleted the kb-nam-account-exclusion branch January 29, 2026 19:11
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@jth-nw jth-nw jth-nw left review comments

@hilram7 hilram7 hilram7 approved these changes

Assignees

@hilram7 hilram7

Labels

docs:nam Activity Monitor Documentation Update/Addition/Change

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@tay-caliguiri @jth-nw @hilram7