Auditing the Use of Administrative Permissions

An important aspect of ensuring that your Active Directory is as secure as possible is to create a carefully planned security configuration for the entire domain. This plan will clearly identify exactly what permissions each administrative group should have. Another essential component to domain security is the auditing of the use of those permissions. Auditing serves at least two purposes. First of all, it provides evidence for changes that have been made to the directory. If a change has been made to the directory, you may need to track down who has made the change. This is especially important if an incorrect or malicious change has been made to the domain information. A second purpose for auditing ...

Get Active Directory® for Microsoft® Windows® Server 2003 Technical Reference now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.