Currently have a NT domain with win2k workstations and win2k servers. We will be moving to AD shortly..
Company needs a very detailed audit track of all users activities on the pc and servers. I have the Mail and Web tracking covered but i need more detail on users activities when it comes to files on the server and locally..
Besides turning on all the Security Event in AD would a keylogger make more sense...
Any suggestions on best practices greatly appreciated