Use-case 22: How To Monitor Administrative Group Modifications In Your
A crucial aspect of IT auditing is knowing which users have administrative privileges and manage them accordingly. Users who are a part of the Domain Admin group have UNRESTRICTED access to the entire Active Directory and its resources. If this access could fall into wrong hands, the user can ram other admin users, man-handle critical resources and bring the whole domain down.
Picture courtesy: Microsoft TechNet
Now how do we prevent this?
ADAudit Plus has exclusive reports to monitor administrative group modification.
Step 1: Kindly go to Configuration --> Report Profile Categories --> Group Modification.
Step 2: Click on Modify Report Profile for Modified Admin Groups --> Add your administrative groups to the Select Groups list --> Click on Update.
Step 3: Go to Reports --> Profile Based reports --> Choose you Domain --> Group Modification --> Administrative Group Modified.
Choose the Period(time period).
Step 4: At a later point, Alerts can be configured to send real time notification on group modification by email.
#TheAD+Experience
| Shane Clinton |
||||||
| ManageEngine ADSolutions Team |
||||||
|
||||||
| How To | Forum | File Permission Management |
|
|||||
| ADManager Plus | ADAudit Plus | ADSelfService Plus | Exchange Reporter Plus | Recovery Manager Plus | AD360 |
||||||
Topic Participants
Shane Clinton
New to M365 Manager Plus?
New to M365 Manager Plus?
New to RecoveryManager Plus?
New to RecoveryManager Plus?
New to Exchange Reporter Plus?
New to Exchange Reporter Plus?
New to SharePoint Manager Plus?
New to SharePoint Manager Plus?
New to ADManager Plus?