MS SCOM and group policies: are there any flaws?



    Recently, we raised the question of how to audit changes in group policies. Actually, the question was asked in the context of history: what Khabrovsk citizens can advise on the solutions they use. In the comments, the user mantis indicated that Microsoft Systems Center Operation Manager could be used for these purposes.

    This is a powerful solution in itself, giving great opportunities to companies using it. However, it is the audit of group policy changes that is its weak point.

    To quote technet again : “Events in security logs are notifications saying that in GPO were made any changes but are not saying what exactly was changed" That is, in the described way it is impossible to get the main thing - information about what exactly has changed. In a specific case, where, recall, the task was to identify the employee who changed the group policy, this method is not a solution.

    We, the company NetWrix, are the developers of a program that not only allows you to fully audit changes in group policies, NetWrix Group Policy Change Reporter , but also integrated into MS SCOM as a Management Pack ( NetWrix Management Pack for Group Policy Change Reporter ).

    And we want to discuss with you, dear Khabrovchians:
    - Do you consider it important to fully control the changes in group policies? So, to know exactly what has changed, what significance was before the change and what it has become.
    - Do you think you have already resolved this issue? How?
    - Do you need our program?

    We invite you to discuss these issues in the comments.

    Also popular now: