As promised - the answer to the GPO auditing question:

So it turns out that you can already do some GPO auditing natively in Windows 2003 (very complicated & messy).  See here.

DesktopStandard and NetIQ offer GPOVault and Group Policy Guardian that enhance the change control/auditing experience - which presumably just sit ontop of the infrastructure mentioned above.

We now own DesktopStandard, and have transformed GPO Vault Enterprise into Microsoft Advanced Group Policy Management and have included it as part of the Microsoft Desktop Optimization Pack for Software Assurance.

We are going to incorporate the Policymaker functionality from our DesktopStandard acquisition natively into WS2008 around the RC timeframe but will still be offering GPOVault functionality separately.

Looks like the answer is: Yes, there will be native GPO auditing functionality in Windows Server 2008, but it will be limited (to encourage you to buy GPOVault).

Now I'm really off on holidays - back in a week..

Dave.

Comments

• Anonymous
  January 01, 2003
  PingBack from http://investingpower.info/?p=281

• Anonymous
  January 01, 2003
  Thanks for sharing information related to Audit Group Policy changes. I read good information from the shared resources. It good explain how to audit group policy changes. I found one more details fromhttp://www.lepide.com/lepideauditor/group-policy.html that provides an efficient way to Control any unwanted changes across your network and Set alerts for any Software Policy modifications.