Windows tip: Tracking changes to active directory
When you have a large Active Directory environment with a team of people managing it that includes administrators and users with delegated permissions, you should be concerned. What if someone makes a change that isn't authorized or intended, such as deleting objects or containers? Windows event logs provide one way of monitoring changes to your environment, and Security log auditing can also help though it can generate a ton of information to sift thru (although both Event Viewer and security auditing have been significantly enhanced with Windows Server 2008).
Some third-party products may be able to help you sleep better at night. Here are two products from Quest Software that have been recommended to me by admins who use them on a daily basis to monitor their Active Directory environments:
- InTrust Plug-in for Active Directory works with their Intrust platform for security information/event management for compliance. This plug-in lets you track, store, alert, and report on the activity of your domain controllers and other aspects of Active Directory including Group Policy. Find out more about Quest Intrust platform here and their AD plug-in here.
-
ChangeAuditor for Active Directory can automatically track changes to the configuration of your AD environment and issue alerts when accounts are deleted, DNS server configurations are changed, failed logins occur, and many other occurrences. Find out more about ChangeAuditor here and download a free trial.
Sign up for ITworld's Daily newsletter
Follow ITworld on Twitter @IT_world
Esther Schindler
If the comments are ugly, the code is ugly
claird
SVG a graphics format for 21st century
pasmith
Take Chrome OS for a test spin
Sandra Henry-Stocker
Solaris Tip: Have Your Files Changed Since Installation?
jfruh
Android fragments vs. the iPhone monolith
mikelgan
What Gizmodo missed about the Pro WX Wireless USB disk drive
Sidekick: The Good News & the Bad News
Either way you look at it Microsoft Data Center management did not follow standards or best practices in this failure. In which case it makes me wonder more about the outsourcing of corporate data much less personal data.
- mburton325
Join the conversation here
Quick, practical advice for IT pros. Made fresh daily.
Want to cash in on your IT savvy? Send your tip to tips@itworld.com. If we post it, we'll send you a $25 Amazon e-gift card.
Non-Quest Products
NetPro is now the same as Quest and if you're looking for alternatives here is the list:1) NetWrix Active Directory Change Reporter - notably this product is provided in both freeware and paid versions.
2) AD Audit Plus
3) TripWire