

How to enable auditing of Group Policy Objects

Group Policy Objects contain the settings to control almost everything in Active Directory, including Sites, Domains, Organizational Units, Users, Groups, Computers and other objects. Group Policy is used to perform numerous tasks, including configuring auditing and deciding what users can or cannot access. In large enterprises, multiple administrators manage objects centrally through the Group Policy Management Console (GPMC) from different computers in the domain. Often, users complain that their system settings have been changed without their knowledge. Occasionally the IT team is responsible for these changes; however, it is possible that someone with the right to make changes in the Group Policy Management Console has altered settings for which there was no authorization. Changes in Group Policy Objects like these, which can often remain unknown to others, can create accountability issues. It is therefore very important to audit these changes to know who made what change, when and from which location.

GPO auditing is possible with Windows 2000 Server; however, it was always a bit noisy and did not provide granular levels of detail. In the latest versions of Windows Server, Microsoft introduced advanced auditing, where users can granularly determine what to audit and what not to audit, thus creating a manageable number of logs.

A Group Policy Object is stored in two parts: Group Policy Templates (defines the GPO template) and Group Policy Containers (an object in Active Directory pointing to the GPO template). It is therefore necessary to monitor Group Policy changes. But how? Here, you will see the steps to enable Group Policy auditing in Active Directory.
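As an added example (not part of the original article), the following code shows how the who, what, when and where of a GPO change can be read from Security-log records once auditing is enabled. It assumes Directory Service Changes auditing and an auditing entry on the GPO's Active Directory object, so that edits are logged as event 5136, and that the matching 4624 logon record is in the same log; every event, name and address below is constructed.

```python
import xml.etree.ElementTree as ET

NS = {"e": "http://schemas.microsoft.com/win/2004/08/events/event"}

def make_event(eid, when, **data):
    """Build one constructed Security-log record in Windows event XML."""
    body = "".join(f'<Data Name="{k}">{v}</Data>' for k, v in data.items())
    return (f'<Event xmlns="{NS["e"]}"><System><EventID>{eid}</EventID>'
            f'<TimeCreated SystemTime="{when}"/></System>'
            f'<EventData>{body}</EventData></Event>')

# Constructed sample data: one logon, one GPO container edit, one unrelated edit.
GPC = "CN={11111111-2222-3333-4444-555555555555},CN=Policies,CN=System,DC=example,DC=test"
SAMPLE = [
    make_event(4624, "2024-01-15T09:10:02Z", TargetUserName="alice.adm",
               TargetLogonId="0x3e7a1", IpAddress="10.0.5.23"),
    make_event(5136, "2024-01-15T09:12:44Z", SubjectUserName="alice.adm",
               SubjectLogonId="0x3e7a1", ObjectDN=GPC,
               ObjectClass="groupPolicyContainer",
               AttributeLDAPDisplayName="versionNumber", AttributeValue="5"),
    make_event(5136, "2024-01-15T09:20:00Z", SubjectUserName="bob.helpdesk",
               SubjectLogonId="0x51c02", ObjectDN="CN=Jo,OU=Staff,DC=example,DC=test",
               ObjectClass="user", AttributeLDAPDisplayName="telephoneNumber",
               AttributeValue="555-0100"),
]

def parse(xml_text):
    """Return (event id, timestamp, EventData fields) for one record."""
    root = ET.fromstring(xml_text)
    eid = root.findtext("e:System/e:EventID", namespaces=NS)
    when = root.find("e:System/e:TimeCreated", NS).get("SystemTime")
    data = {d.get("Name"): d.text or "" for d in root.iterfind("e:EventData/e:Data", NS)}
    return eid, when, data

def gpo_changes(events):
    """Report who changed which GPO attribute, when, and from which address."""
    parsed = [parse(e) for e in events]
    # 4624 logon records map a logon session ID to its source address.
    source = {d["TargetLogonId"]: d.get("IpAddress", "")
              for eid, _, d in parsed if eid == "4624"}
    return [{"who": d["SubjectUserName"], "when": when, "gpo": d["ObjectDN"],
             "attribute": d["AttributeLDAPDisplayName"], "value": d["AttributeValue"],
             "from": source.get(d["SubjectLogonId"], "unknown")}
            for eid, when, d in parsed
            if eid == "5136" and d.get("ObjectClass") == "groupPolicyContainer"]

if __name__ == "__main__":
    for change in gpo_changes(SAMPLE):
        print(change)
```

Event 5136 covers only the Group Policy Container in Active Directory; changes to the Group Policy Template files need file system auditing on SYSVOL.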
