Re: AD Security Audit Tools

["Marion, David" <David.Marion () BRIDGEW EDU>]

Philip,

I've found some of the MS tools to be useful in automating auditing with some diff scripts like dsquery. I've also had 
a lot of success with dumpsec/dumpacl. I haven't used them in a while, but I remember them being very useful. I'm a 
huge fan of taking that baseline and comparing how things change over time.

Best,
Dave Marion
Bridgewater State University

-----Original Message-----
From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Philip 
Webster
Sent: Thursday, September 01, 2011 1:45 AM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: [SECURITY] AD Security Audit Tools

Hi,

We're looking to perform an automated security review of our Active Directory installation, and in particular would 
like to identify good practices, compliance with standards and best practice, and anywhere that improvements are 
required or recommended.

We are evaluating SekChek, Gold Finger, and Quest Reporter, and are interested in anyone's experience in these or other 
such tools. We're not looking at a monitoring or real-time auditing tool, but rather a point-in-time assessment.

Thanks!
--
Philip Webster
Senior IT Advisor | Assurance and Risk Management Services Queensland University of Technology