Re: [ActiveDir] Logging changes made to GPOs

[Jason B]

Anyone have the general price-range on these products?  Web sites don't seem to list it, and after contacting sales, they want all kinds of info just to get a price.  I am just looking for a GENERAL price.  I don't know if they are $99, $99 per client, $1000 or $10,000. ----- Original Message ----- From: Darren Mar-Elia To: ActiveDir@mail.activedir.org Sent: Thursday, March 24, 2005 5:32 PM Subject: RE: [ActiveDir] Logging changes made to GPOs Right, the challenge that native auditing presents is that no details about what GPO setting is changed are logged. You can find out that something changed on the GPC, but that's about it. As Hunter mentioned, there are at least three commercial products that I know of that do provide detailed GPO logging:   NetIQ GP Guardian Netpro Change Auditor Quest Change Manager for AD     Darren   From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Free, Bob Sent: Thursday, March 24, 2005 2:20 PM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] Logging changes made to GPOs You can employ a 3rd party tool like the offerings from NetPro, NetIQ, Quest etc   Natively, if you enable Audit directory service access you can detect changes to GPOs by finding event ID 565s that have the Object Type value groupPolicyContainer, the Accesses value Write Property, and a Write Property that includes versionNumber From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Janson, Joe Sent: Thursday, March 24, 2005 8:30 AM To: ActiveDir@mail.activedir.org Subject: [ActiveDir] Logging changes made to GPOs Is it possible to log changes made to Group Policy Objects?