Solved

Audit and Analyze tool AD and GPO in use etc...

Posted on 2010-11-11
6
1,490 Views
Last Modified: 2013-12-06
Hi guys,

Unfortunately i got pushed into some massive projet.
Basically, it's a company that run a computer parc concisting of ~2000 xp machines and 2008 Server R2 regarding the DC's.

The hell part of the thing is that: all of the 2000 machines  are being used by users with local administrator rights.
I know it is a total suicide but it's the way it is and that since 2005. You can magine the mess on the workstations...

My job is to audit the domain/AD/GPO and build a report regarding the possibility of limiting all the users rights via group policy.

My company would like to sell the product "stormshield" for this purpose + the GPO job.  So bascially, i have to create a report that show that limiting a non standard computer/users parc with group policy is going to requier many man hours. and so we are trying to sell the solution Stormshiled on the top of a set of GPO which will limit all users and make it all work together. And which will save everybody many hours.

Please anyone could point me to the right tools to perform this audit/analyze. it would be greatly appreciated.


Let me know if you need more infromation which i forgot to mention, kind of very stressed out lately.

Thank you!

Jean-Marc



 


0
Comment
Question by:jmc79
6 Comments
 
LVL 27

Accepted Solution

by:
KenMcF earned 250 total points
ID: 34110458
Quest has some good tools for auditing

http://www.quest.com/active-directory/compliance-and-audits.aspx

Check out the scripts that come with GPMC
http://wmug.co.uk/blogs/1972/archive/2006/05/01/39.aspx

There are other produscts as well.
http://nagios.org/
http://www.splunk.com/

It all depends on what you want to audit.
0
 

Author Comment

by:jmc79
ID: 34110577
Thanks! Will check.
I need to audit the AD, the GPO, and the OU structure.

Jm
0
 
LVL 24

Assisted Solution

by:Awinish
Awinish earned 250 total points
ID: 34110587
AD topology Diagram along with GPMC scripts you can do it.

http://blogs.technet.com/b/askds/archive/2007/10/12/documenting-active-directory-infrastructure-the-easy-way.aspx

You can use GPMC tool to document AD.

You can use DHCPLoc for DHCP.

http://www.windowsnetworking.com/kbase/WindowsTips/Windows2000/AdminTips/DHCPandDNS/UsingtheDHCPLOCUtility.html


There is tool like DCdiag, netdiag, dnslint, ntdsutil to check the health & various services of AD.

http://www.shariqsheikh.com/blog/index.php/200907/adrap-scoping-tool/

You can also use ADtest tool for performance monitor of AD.
http://www.microsoft.com/downloads/en/details.aspx?FamilyID=4814fe3f-92ce-4871-b8a4-99f98b3f4338&displaylang=en

Above tool is more than sufficient.


You can also check whether password policy is in place,service pack,patch Antivirus is updated.

http://blogs.msdn.com/b/ericfitz/archive/2005/08/04/447951.aspx
0
 

Author Comment

by:jmc79
ID: 34113843
Awesome!
0
 
LVL 74

Expert Comment

by:Glen Knight
ID: 34700106
This question has been classified as abandoned and is being closed as part of the Cleanup Program. See my comment at the end of the question for more details.
0

Featured Post

Problems using Powershell and Active Directory?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article outlines the process to identify and resolve account lockout in an Active Directory environment.
In-place Upgrading Dirsync to Azure AD Connect
This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…
Here's a very brief overview of the methods PRTG Network Monitor (https://www.paessler.com/prtg) offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…

828 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question