Educause Security Discussion mailing list archives
Re: Active Directory Auditing
From: "HALL, NATHANIEL D." <halln () OTC EDU>
Date: Wed, 12 Dec 2007 14:42:17 -0600
I know Tripwire Enterprise will monitor AD objects and I know it will tell you when it was changed, but I don't remember if it will tell you who made the change. -- Nathaniel Hall, GSEC GCFW GCIA GCIH GCFA Network Security System Administrator OTC Computer Networking (417) 447-7535 ________________________________ From: JASON LANGDOC [mailto:JLANGDOC () UT EDU] Sent: Wednesday, December 12, 2007 2:22 PM To: SECURITY () LISTSERV EDUCAUSE EDU Subject: [SECURITY] Active Directory Auditing I am looking to set up auditing on my Active Directory. Would like to be able to produce a reports that give details on who made change to what OU or object and when they made the change. We are currently auditing this information with the Domain Controller security policy, but with the volume of security events logged to each DC it can be hard to track down the exact event we are looking for. I have found a few third party software packages for this such as Change Auditor and InTrust Plug-in for AD. Is anyone using third party software solutions for this and what was your opinion of them? Thanks, Jay Langdoc The University of Tampa Network Administrator jlangdoc () ut edu (813)258-7380
Current thread:
- Active Directory Auditing JASON LANGDOC (Dec 12)
- <Possible follow-ups>
- Re: Active Directory Auditing HALL, NATHANIEL D. (Dec 12)
- Re: Active Directory Auditing Brad Judy (Dec 12)