Active directory security audit software
Can someone recommend a good security audit tool for Active Directory? We have found several accounts with inappropraite permissions and I am looking for a comprehensive toolkit that allows both a spot audit and a platform for ongoing notifications for business
rule matches.
I am running an AD 2003 domain at the 2000 functional level. Single forest and domain.
Thanks.
June 17th, 2010 7:45pm
Hi,
I would look at the ACS feature of Operations MAnager 2007 R2:
http://technet.microsoft.com/en-us/library/bb381258.aspx
This works in conjunction with the audit policies configured for the
domain and the domain controllers to centralize security related events.
See also,
Auditing Security Events
http://technet.microsoft.com/en-us/library/cc776394%28WS.10%29.aspx
Auditing Policy
http://technet.microsoft.com/en-us/library/cc779526%28WS.10%29.aspx
-- Mike Burr
Free Windows Admin Tool Kit Click here and download it now
June 28th, 2010 9:15pm
I can recommend netwrix active directory change reporter (www.netwrix.com). Its what we use it automatically alerts us anytime someone makes a change to AD, and it sends us automated
reports so we can see who changed what, when and were within AD. Its a great tool.
May 14th, 2012 10:39pm