Users can be assigned permissions to modify an OU; for example, a user might be allowed to delete objects, or to make changes to their names or security configurations. But granting wrong users permissions to change the security modifications of objects in an OU can lead to a security breach. For example, a user with such modified permissions could reset the password to any account and use those credentials to access sensitive data. That’s why the right to configure the permission settings of objects in an OU should be carefully monitored and strictly validated.
Netwrix Auditor for Active Directory delivers complete visibility into what’s going on in Active Directory, including all changes made to security permissions. The application provides easy-to-read predefined audit reports, including a comprehensive report on changes to your organizational units. It also offers an interactive Google-like search that enables IT admins to quickly determine what changes were made to permissions in a given OU and who modified permission settings. This actionable intelligence enables IT admins to be aware of OU modifications and strengthen permission security to minimize the risk of a security breach.