Active Directory is the core identity and authentication control point for most networks today so having a complete audit trail is crucial to security, compliance and change control.
Windows provides an audit category, Directory Service Auditing, for exactly that purpose and that will be the focus of this real training for free (TM) webinar.
Directory Service auditing is somewhat like Object Access auditing in that you must define audit policy on the specific objects (users, groups, computers, OUs, Group Policy Objects) you want to track and for the specific types of access. Of course you can define auditing at the OU level so that it is propagated to all child objects.
Directory Service auditing is also very granular so it’s possible to enable auditing of just the activities that are important to you while avoiding an overload of your domain controllers.
I’ll show you how you can audit creation and deletion of AD objects and even how to audit write access to specific object attributes like the Job Title on user accounts or logon name changes.
I’ll finish up by providing concrete examples of how you can put Directory Service auditing to work to solve common problems and detect important security violations. Register now for this deep technical training for free.