Group Policy is a fundamental element of an organization’s security policy. Even small unwanted changes to security policies, software deployment, desktop configuration or other settings can severely impact security, systems management and compliance.
Audit reports play a major role in tracking who, what, where, and when of critical data modifications. Here are 10 most useful Group Policy audit reports in LepideAuditor Suite to help you monitor changes.
- Group Policy Object Modified: This report records all modifications made on Group Policy Objects. It lists all changes in convenient and easy-to-read reports.
- Group Policy Object Deleted: This report displays the list of all deleted Group Policy Objects. It provides information such as "GPO Name", "Who Deleted It", "The Time It Was Deleted” and more.
- Audit Policy Modified: These reports display all modifications to audit policies, including account logon events, account management, directory service access, logon events, object access, policy change, privilege use, process tracking and system events.
- User Right Assignment Policy Modified: This audit report displays all modifications in User Rights Assignment policies for Computer Configuration. These policies include creating permanent shared objects, generating security audits, load and unload device drivers and more.
- Password Policy Modified: Password policy modification reports provide you with thorough information about changes to password age policy,
password complexity policy, password encryption policy and password history policy.
- All Accounts Policy Modified: All alterations to Password Policies, Account Lockout Policies and Kerberos Policies in Account Policies will be displayed in the All Accounts Policy Modification reports.
- Security Policy Modified: Security policy modification reports display all modifications to Account Policies, Local Policies, Event Log, Restricted Groups, System Services, Registry and other Security Policies.
- Network Policy Modified: This report displays all modifications in the policies of BITS, DNS Client, SNMP etc. in Network Group Policy.
- Account Lockout Policy Modified: Unwanted changes to Account Lockout policies can lead to unauthorized access. Account lockout policy modification reports show changes to the account lockout policies.
- Interactive logon policy: This report displays changes to Interactive Logon policies such as Interactive Logon: Do not display last user name, Interactive Logon: Do not require CTRL+ALT+DEL, etc. in the Security Options.
LepideAuditor Suite provides over 270 reports, including the ones mentioned in this article, to help with all manner of security, systems management and compliance challenges. The solution provides an alternative to native auditing approaches, ensuring that maintaining a pro-active auditing policy isn’t overly time-consuming, complex or costly.