Mark Owens
asked on
I need to monitor and/or restrict the install/uninstall of software on my server
I want to monitor my prod servers for install/uninstall of software. Can this be done with a GPO. My first thought is a GPO that only allows installation from a certain group. This could at least be a secondary measure. Thus I've seen some third party tools that that monitor the event log but that could be too late, whereby the GPO's ACL may be more of a measure.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Best practices it to grant permissions only to those who need access to do their jobs and only those permissions specific to accomplishing their jobs. So I ensure that only authorized users are accessing my servers in the first place and then turn on auditing for those servers. So for example, I need my techs to be able to add users to my DC, but not make any changes to any other OU or anything else on the server, I would restrict them to just that.
ASKER
Thanks. I appreciate your input.
ASKER