Garrett-
You need something to process your event logs with. I have used MOM for
this as well as ACS (which never saw the light of day but will ship as
part of MOM2007). Quest and NetIQ (and possibly NetPRO) also all have
tools that can do this type of thing. I have used Ecora as well. It has
Only way I know of getting this information is via audit logs. I know
that Quests makes som enice tools that will track and capture directory
access issues, etc etc and log them, alert on them, etc so you can track
who is doing what in AD.
MY best advice,
Delegation of control wizard, deny
Hi Matt,
Natively it's difficult to track all changes to AD. If you do this
through the event log, then you need a mechanism to regularly harvest
the event logs, such as Microsoft Audit Collection System (ACS).
Otherwise, as you've noted, the logs will overwrite and you will lose
historical
Last I checked the public info on ACS is/has/will be in beta forever
and won't be in a product until the System Center line of products hits
the streets (they are still in beta).
These days ACS isn't a solution for anyone other than the folks that
got the beta bits eons ago.
I'm still
Subject: Re: [ActiveDir] AD Auditing and Change Control
Last I checked the public info on ACS is/has/will be in beta forever and won't
be in a product until the System Center line of products hits the streets (they
are still in beta).
These days ACS isn't a solution for anyone other than