Group Policy-related events are recorded in the security log on the Microsoft Windows Server domain controller. By reviewing these logs, IT administrators can audit changes to Group Policy. However, although native auditing tools show when and where each change happened, they don’t provide critical details, such as the name of the Group Policy that was changed and the type of action that was performed. To ensure that no aberrant activity slips past your radar, you need additional software that provides more insight into changes to your Group Policy settings.
Netwrix Auditor for Active Directory delivers complete visibility into what’s going on in your Active Directory, including detailed audit reports about changes to Group Policy. The application provides not only the basic information available using native auditing tools, but also critical details such as the name of the Group Policy that was changed, the type of change performed, which user made the change, and the before and after values. Having this information enables IT admins to fully understand Group Policy modifications so they can mitigate the risk of misuse of sensitive data and ensure compliance.