Audit group policy changes

EssendonEssendon Posts: 4,548Member ■■■■■■■■■■
Folks, is it possible in 2008 R2 or Windows Server in general to audit the state of a group policy object before and after a change is made to it. Anyone done this in prod/lab?

Help's appreciated!
NSX, NSX, more NSX..

Blog >> http://virtual10.com

Comments

  • EssendonEssendon Posts: 4,548Member ■■■■■■■■■■
    Anyone please?
    NSX, NSX, more NSX..

    Blog >> http://virtual10.com
  • undomielundomiel Posts: 2,818Member
    I haven't had a need to do it before but I did some searching around and ran across this tool: Group Policy Change Reporter (Freeware and Commercial)
    Jumping on the IT blogging band wagon -- http://www.jefferyland.com/
  • EssendonEssendon Posts: 4,548Member ■■■■■■■■■■
    Thanks for the reply undomiel. Can this be done using Windows only?
    NSX, NSX, more NSX..

    Blog >> http://virtual10.com
  • ClaymooreClaymoore Posts: 1,637Member
    Essendon wrote: »
    Thanks for the reply undomiel. Can this be done using Windows only?

    Not that I know of. Advanced Group Policy Management can audit and even roll back changes, but that is part of the MDOP suite.
  • EssendonEssendon Posts: 4,548Member ■■■■■■■■■■
    Thank you for the reply and the link Claymoore.
    NSX, NSX, more NSX..

    Blog >> http://virtual10.com
  • EveryoneEveryone Posts: 1,661Member
    This article is for 2003, but works on 2008 as well...
    Monitoring Group Policy Changes with Windows Auditing - Windows Security Logging and Other Esoterica - Site Home - MSDN Blogs

    Basically you turn on auditing of the GPO folders on your domain controllers. Then whenever someone makes a change, you have an audit trail.
  • ITguy509ITguy509 Posts: 1Registered Users ■□□□□□□□□□
    Yes, there are several tools you can download that will tell you any time a change has been made to a GPO. We use NetWrix Group Policy Change Reporter, which I find very easy to use and it’s free, but I also know that Quest Software and ScriptLogic offer GP auditing tools. Worth looking into of you need reporting on (before and after) changes made to GPOs
Sign In or Register to comment.