How-tos for Windows Server
Step-by-step instructions on auditing the most critical events in Windows Server
Featured How-tos
To detect unauthorized software installation, IT pros need to monitor all changes made to server configuration and timely get alerted on them.
Learn how to list all local groups in Windows Server and export them to CSV format with or without PowerShell.
Find out how to review all local administrators on your Windows machines in order to spot deviations from your baseline and maintain good IT hygiene.
Regularly review the local users and groups on critical Windows machines in order to harden the security of your servers.
Get a list of users in local groups on Windows machines without having to use the command line on each machine or scripting in PowerShell.
Collect system inventory without wasting your time on PowerShell scripting and get details such as OS installed on each server, OS version and antivirus status.
Regularly view shared folders reports to get a list of all file shares and identify non-default shares that can jeopardize your data security.
Learn how to get a report on the membership of all local groups, including local administrator group membership, in CSV format.
Suspicious changes to Startup Registry keys can be a sign of malware activity. Timely detection of these changes can prevent loss of sensitive data.
This how-to shows two ways of detecting who created a new scheduled task on your windows server.
Video recording of user screen activity enables IT administrators to gain visibility into IT systems and control privileged user activity before a security breach occurs.
IT administrators need to monitor deletions of DHCP reservations to ensure no unauthorized changes took place, thus preventing system unavailability.
Continuous monitoring of DNS record deletions helps IT administrators detect abnormal actions in a timely manner and thereby avoid service unavailability.