Track and report on group policy changes

Lists all Group Policy Objects created. Change information that include "GPO name", "who created it", "the time of GPO creation" the Domain controller info and the "Parent object" are listed by default. ADAudit Plus allows adding /removing columns to the list to view other change information that a user finds important or needed.

This report lists all Group Policy Objects deleted. Change information that include "GPO name", "who deleted it", "the time it was deleted" the Domain controller info and the Parent object are listed by default. A GPO deleted connotes.

• The settings that were configured on it and
• Traces of one or all OUs, Domains or Sites on which the GPO was applied are erased completely.

ADAudit Plus records all modifications made on a GPO and the "Recently modified GPOs report" lists these changes in a convenient and easily understandable reports. The time of change and the modification done to the GPO are prominently displayed. The presently available reports show information that a configuration change was made to the GPO with the information that GPO was modified. However, detailed reporting of configuration changes to a GPO will follow soon.

Link changes to a "Group Policy object" will enhance or reduce the scope of the GPO. A link change implies that an object that was linked to a GPO was removed or a new object was added. This change needs to be supervised as an unmonitored link removal from the GPO means - policy restrictions that were once enforced on linked objects was removed and this could result configurations of one GPO being replicated across other OUs or Sites. This is an unexpected behavior and stern action must be taken against. ADAudit Plus provides detailed reports on all links added or removed to Group Policy objects and helps in the necessary corrective / remedial procedures.

The "GPO History" Report lists the detailed history of changes that have occurred on any selected Group Policy Object. History of a single or multiple GPOs in a selected domain can be viewed from a single web interface. This document or report act as a tool / resource to assist in in-depth tracking of faults, intrusions and other forensics.