+ Post New Thread
Results 1 to 9 of 9
How do you do....it? Thread, Active Directory Auditing?? in Technical; Hi All, I am after a way that I can have changes made to AD & GPOs logged. Idealy it ...
  1. #1
    ICTNUT's Avatar
    Join Date
    Jul 2005
    Location
    Hereford
    Posts
    1,419
    Thank Post
    196
    Thanked 249 Times in 122 Posts
    Rep Power
    62

    Active Directory Auditing??

    Hi All,

    I am after a way that I can have changes made to AD & GPOs logged.

    Idealy it would log what changes were made, by whom, and when.

    Does anyone have any ideas or software they now of that can do the above.

  2. #2
    Oops_my_bad's Avatar
    Join Date
    Jan 2007
    Location
    Man chest hair
    Posts
    1,738
    Thank Post
    438
    Thanked 53 Times in 50 Posts
    Rep Power
    30

    Re: Active Directory Auditing??

    Is audit object changes no good then? You can do this via audit policies but not sure about GPO's

  3. #3
    ICTNUT's Avatar
    Join Date
    Jul 2005
    Location
    Hereford
    Posts
    1,419
    Thank Post
    196
    Thanked 249 Times in 122 Posts
    Rep Power
    62

    Re: Active Directory Auditing??

    Yes but this would require being at the console and then trawling through 1000's of event log entries and no GPOs are not recorded.

  4. #4
    ICTNUT's Avatar
    Join Date
    Jul 2005
    Location
    Hereford
    Posts
    1,419
    Thank Post
    196
    Thanked 249 Times in 122 Posts
    Rep Power
    62

    Re: Active Directory Auditing??

    UPDATE: I have found a number of software programs that will do this but boy are they expensive.

    Looking into it I think I am going to just have to bite the bullet and write a small app to extract the events from the event log to a database with a web front end.

    Wish me luck ;-)

  5. #5
    ChrisH's Avatar
    Join Date
    Jun 2005
    Location
    East Lancs
    Posts
    4,999
    Thank Post
    120
    Thanked 280 Times in 258 Posts
    Rep Power
    106

    Re: Active Directory Auditing??

    If your going to do it that way look at one of the syslog solutions to grab the windows logs and put them in a database. That way you can write some routines to query for what you need.

  6. #6

    GrumbleDook's Avatar
    Join Date
    Jul 2005
    Location
    Gosport, Hampshire
    Posts
    9,930
    Thank Post
    1,337
    Thanked 1,780 Times in 1,105 Posts
    Blog Entries
    19
    Rep Power
    594

    Re: Active Directory Auditing??

    The only thing I can suggest is a nightly export of the list of GPOs and running a diff to see what is different, rather than polling the event log.

    Scripting of Group Policies can be found here

    Whilst not as granular as things produced by companies like Quest but should do the job.

    Is this the sort f thing you were thinking of?

  7. #7
    ICTNUT's Avatar
    Join Date
    Jul 2005
    Location
    Hereford
    Posts
    1,419
    Thank Post
    196
    Thanked 249 Times in 122 Posts
    Rep Power
    62

    Re: Active Directory Auditing??

    Sort of, I am wanting to have a seperate audit trail of what changes are done when and by who.

    I currently have a windows service runninf a small app that does the export into an SQL 2005 database and this works well exporting all event logs for the server and then clearing them down after the export.

    I am now writing a web frontend to query the data, this should allow for quick audit reports and verification of the change management process also.

  8. #8

    Join Date
    Nov 2012
    Posts
    6
    Thank Post
    0
    Thanked 0 Times in 0 Posts
    Rep Power
    0
    I can recommend NetWrix Active Directory Change Reproter. My company uses it, and it audits all changes made to AD, sending automated reports and real-time alerts highlighting details about each change—e.g., it tells me exactly what changed, who made each change, and when the change occurred. http://www.netwrix.com/active_directory_change_reporting_freeware.html

  9. #9

    Join Date
    Nov 2012
    Posts
    6
    Thank Post
    0
    Thanked 0 Times in 0 Posts
    Rep Power
    0
    I recommend looking at a few third-party options for reporting capabilities. If you’re looking for some good software I recommend NetWrix Active Change Reporter, Quest ChangeAuditor and NetIQ Change Guardian. We use NetWrix, but all three tools will audit AD changes, and send reports telling you who made them.

SHARE:
+ Post New Thread

Similar Threads

  1. Active Directory Alternative HOW-TO??
    By Joedetic in forum *nix
    Replies: 17
    Last Post: 26th January 2012, 10:46 PM
  2. Active Directory Explorer
    By ajbritton in forum Windows
    Replies: 6
    Last Post: 15th November 2007, 10:37 PM
  3. PDA and Active Directory
    By localzuk in forum Windows
    Replies: 4
    Last Post: 10th October 2007, 03:54 PM
  4. Active Directory Explorer v1.0
    By PiqueABoo in forum Downloads
    Replies: 1
    Last Post: 16th July 2007, 10:02 PM
  5. DNS problem under Active Directory.
    By ArchersIT in forum Windows
    Replies: 6
    Last Post: 19th February 2007, 03:09 PM

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •