• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 372
  • Last Modified:

Auditing AD and Exchange

I would like to enable auditing on my domain for both exchange and active directory. Do I need to have GPO that touches the entire enterprise if i want to enable auditing? or can i set the auditing on the server, i would like to track when a user is changed, password updated, disabled/ enabled, and when the rights are changed. Any help would be great.

Thanks

Matt
0
HRSBTech
Asked:
HRSBTech
1 Solution
 
JimsZCommented:
I would go with domain wide GPO personally, although you can set GPO for only "default domain controllers".  You can also set local policies to enable auditing!

Start - Run - Secpol.msc and click "Local Policies" - "Audit Policy" and set your auditing options
0
 
HRSBTechAuthor Commented:
So if I want to check when all files rights are changed, user rights changed, disabled users, enabled, all these types of things, I can do this with domain wide GPO and apply it to everyone or just do it for the default domain controler policy... if i apply it to the default domain controller policy will it pick up all the changes? since the changes have to be made to an item that lives onthe DC?

make sense?
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Cloud Class® Course: Amazon Web Services - Basic

Are you thinking about creating an Amazon Web Services account for your business? Not sure where to start? In this course you’ll get an overview of the history of AWS and take a tour of their user interface.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now