[gptalk] Re: GPO Auditing
- From: "Meaburn, Garry" <garry.meaburn@xxxxxxxxxxxx>
- To: <gptalk@xxxxxxxxxxxxx>
- Date: Thu, 17 Aug 2006 13:23:50 +0100
Hi you can also configure MOM to monitor for GPO changes without using
the Secure Vantage's product. I currently use MOM to monitor any GPO or
OU changes
Regards,
Garry Meaburn
Odyssey Operations - Active Directory
________________________________
From: gptalk-bounce@xxxxxxxxxxxxx [mailto:gptalk-bounce@xxxxxxxxxxxxx]
On Behalf Of Ryan Brennan
Sent: 16 August 2006 16:30
To: gptalk@xxxxxxxxxxxxx
Subject: [gptalk] Re: GPO Auditing
If you're using MOM you could use Secure Vantage's Group Policy PCMP
Product also to do GPO Auditing :)!
http://www.securevantage.com/ProductsPCMP.html.
-ryan
________________________________
From: gptalk-bounce@xxxxxxxxxxxxx [mailto:gptalk-bounce@xxxxxxxxxxxxx]
On Behalf Of Darren Mar-Elia
Sent: Wednesday, August 16, 2006 10:17 AM
To: gptalk@xxxxxxxxxxxxx
Subject: [gptalk] Re: GPO Auditing
Generally speaking, the GP auditing that is available is pretty weak,
but if you have directory access auditing enabled on your DCs, then you
will see any changes to the groupPolicyContainer object (the part of the
GPO in AD) show up in the security event log on the PDC emulator DC.
That will at least tell that a GPO changed and who made the change, but
it won't show you what the change was. For that, you would need a 3rd
party product like those from NetIQ or NetPro.
Darren
________________________________
From: gptalk-bounce@xxxxxxxxxxxxx [mailto:gptalk-bounce@xxxxxxxxxxxxx]
On Behalf Of Difarnecio, Gino (Citco)
Sent: Wednesday, August 16, 2006 7:19 AM
To: gptalk@xxxxxxxxxxxxx
Subject: [gptalk] GPO Auditing
I would like to keep track of changes to my GPO's. Any suggestions on
the best way to accomplish this task? I figure enabling auditing at the
PDC in the policy folder will generate an event if I log write attempts.
Is there anything else that needs to be done to accomplish this?
Thanks
Other related posts:
