Active Directory SACL reporting

ManageEngine has stressed the importance of monitoring and alerting on Active Directory changes for years. With this level of monitoring and alerting, you can see and be notified of any key change in Active Directory with an email! That is powerful. To monitor and alert on Active Directory changes, you need to establish the SACL (security access control list) on Active Directory objects. Ideally, you will configure the SACL at the domain level, which will then be inherited down through the Active Directory structure. Follow this link for details on exactly how to configure the SACL. Once you’ve configured, you need to verify that the SACL is correct, to be sure you don’t miss any changes. But, how do y…

Advanced audit policy reporting

We at ManageEngine always suggest that you track Active Directory and file changes with advanced auditing in lieu of the traditional audit policy settings. There’s a catch, though: how do you verify that your settings are in place? If you’ve been following our blogs for a while, you know that we truly rely on secpol.msc for most settings that are deployed in the Security Settings area of a GPO. However, that fails with advanced audit policy reporting! So, what are you to do? For some odd reason, secpols.msc fails to report on the advanced audit policy configurations. We could call up Microsoft and ask, but in cases like this, it is just not worth the effort. Rsop.msc is another option, but unfortunat…

Monitoring User ​Rights Changes on Windows Servers

If you remember, I have a complete video on user rights in a previous blog post. In the  video I had discussed the basics of user rights including how they are deployed, what controls they provide, and how to properly report on them for your Windows servers. Now that you know how to report on user rights, as well as how to correctly configure them using Group Policy, we need to ensure that you maintain these settings on each server. This is important for a few reasons:
  1. It is easy to set up a Group Policy Object to modify the user rights on any server (or on many servers at one time).
  2. The local administrator of the server can control nearly every setting, so it is important to know when user rights change.
With both loca

Auditing vs. Monitoring of Active Directory

I just finished a class where I had both auditors and administrators in attendance. It was one of the best groups I have had for that reason. From the class I learned that it is not always “known” what the difference is between auditing and monitoring. Auditing is performed by auditors and monitoring is typically performed by administrators. There is only a slight difference between the two, but the difference is rather important and can make a world of difference when it’s time to report on your log data..  Auditing is both a technology and a role. The technology is built into every Windows computer and has been for years. Going back to Windows NT, Microsoft has provided auditing. Domain control

Monitoring of Active Directory Changes Made Easy

There are some things that Microsoft builds into their product that are just amazing, while other things that are just pathetic! When it comes to monitoring Active Directory, we have both. However, by using the good and supplementing the bad with other options, a fantastic solution can be achieved! The Good and Bad of Active Directory Monitoring The good that Microsoft provides with regard to Active Directory monitoring is with regard to the detailed logs that can be generated. Microsoft provides both “Auditing” and “Advanced Auditing” for domain controllers that are running Windows Server 2008 R2 and greater. When auditing is configured for the different objects (users, groups,

Free Webinar: Active Directory Monitoring and Auditing Like Never Before!

Do you struggle with monitoring and tracking of Active Directory changes? Do you want to monitor Active Directory changes but have given up due to the complexity? Microsoft provides some very detailed tracking capabilities in Active Directory by using auditing and advanced auditing. These technologies are not new in concept, but some of the details are radical and new to most admins. Setting up auditing and advanced auditing can be very tricky and not 100-percent clear. Then, after you have events being logged, you must manually sift through the logs to find what you want. Tracking down an individual event can be like searching for a needle in a haystack …if the event is even still in the log that i

Meet Us at Oracle OpenWorld

Every year at Oracle OpenWorld, Oracle technologists, customers, and partners come together to learn, discuss, and optimize Oracle. This year, it’s slated to be held at the Moscone Center in San Francisco between September 22 and 26, 2013. We’ll be there this year as well. So, if you plan to be at the event, join us at booth #2220. At the booth, our experts will be exhibiting and conducting live demos of Applications Manager, our application performance monitoring solution. Using Applications Manager, you can proactively track performance of your business-critical applications and servers, regardless of whether they are running on physical, virtual, or cloud environments. You can also monitor the…

Talk to ME Tuesday: Advice about Investing in Security Management

ManageEngine continues our weekly blog series called Talk to ME Tuesday. Each week we discuss interesting topics from the world of technology with you, the people that live and breathe it everyday.  People are spending more money in security management, said Andrew Hay, Senior Analyst for 451 Research. Hay believes that the rise in reporting of high profile breaches has made more people think about investing in overall security management rather than just having firewalls or intrusion detection systems. “You need something to orchestrate those disparate data sources and combine things to get a better view of your security environment,” said Hay. If you’re looking for a security management solu…

Talk to ME Tuesday: IT Pros Admit to Challenges They Face Monitoring Their Environment

ManageEngine continues our weekly blog series called Talk to ME Tuesday. Each week we discuss interesting topics from the world of technology with you, the people that live and breathe it everyday.  You’ve got tools monitoring your network, but do you really know everything that’s going on? Are the people, processes, and monitoring tools all in place, talking to each other and all running smoothly? At the 2012 Interop conference in Las Vegas, I asked the assembled IT pros, “What challenges are you facing monitoring your environment?” Here are their answers.…