Group Policy Fake Changes

Email It to Me Print this Page
Symptoms You received Group Policy Change Report showing some changes you do not believe you made.
Cause By default the product uses a domain controller for the data collection which is most available. On some of the domain controllers the replication of the Group Policy may not occur correctly. The product may connect to the domain controller that has a replication issue with regards to Group Policies, hence the outdated information, and gather GPOs which contain outdated policy settings. The outdated information in gathered GPOs will be considered as a change when comparing to the previous snapshot.
Resolution To prevent this from happening we recommend using one domain controller for collected Group Policy changes.
In order to check to determine the domain controller that should be used, please submit a ticket to Netwrix Technical Support and provide the following information:
1. The problematic Group Policy Change report (it should contain the date and time the report was received).
2. The Group Policy Change Reporter tracing logs (the entire content of the tracing folder) - the default location is C:\Program Files (x86)\NetWrix\AD Change Reporter Full Version\GPOExec\Tracing
3. The tracing of the Active Directory Change Report module - the entire content of the Tracing subfolder located in the installation folder of the product.
(*) Netwrix Auditor replaces former Change Reporter products
Was this information helpful?