You probably know that you can record changes made to Active Directory and Group Policy objects by enabling auditing. But extracting the information that interests you can be quite cumbersome. You can use a more sophisticated event log management tool such as EventSentry or GFiEventsManager. However, if you just want to stay informed about which Active Directory objects have been changed, you might like NetWrix Active Directory Change Reporter.

There is a free and a commercial version. The limitations of the free version become obvious when you use the tool for the first time. There is a link to the commercial version at those spots where features have been cut. The main difference is that the free edition doesn’t allow you to see exactly when a certain object was changed and by whom. Thus, you will only be aware of the type of changes on a certain day. I think that this will often be sufficient. If you recognize a suspicious change, you can always check the security event log for more information.

(more…)

Rate this tool: (3 votes, average: 4.33 out of 5)

 Loading ...

Submit favorite free admin tool | Free tools ranking list | Descriptions of all tools

• Hyper-V Monitor Gadget for Windows Sidebar version 3.0 is now available. http://snurl.com/2rnjv
• Version 2.1.1 of Active Directory Reports is available now. I discussed version 1 a while back.
• VMware ThinApp pricing: $6050 + $47.19 per client. Quite expensive for my taste. http://snurl.com/2rnfs
• VMware ThinApp 4.0 RC available. The final is slated for July 10. http://snurl.com/2o6xc #
• Harris Survey: Microsoft’s reputation far outweighs Apple’s. http://snurl.com/2o6zm Not that I believe in such surveys. #
• The Windows roadmap I discussed in my article about Windows 7 is available now.  #
• Remote Desktop Connection 6.1 for Windows XP SP2. RDC 6.1 is included in SP3. There is an update for XP SP2 now : http://snurl.com/2osvh #

Every new Microsoft server operating system brings Active Directory related enhancements. It seems to me that Windows Sever 2008 introduces even more of such new features than its predecessors. I have already covered Fine-grained password policies, Read Only Domain Controllers (1) (2) (3), Active Directory Auditing, Active Directory Domain Services (AD DS), Active Directory snapshots in detail. Some of these new features work with lower DFLs, i.e. Windows 2000 and Windows Server 2003. The four new features discussed in this post require upgrading to DFL Windows Server 2008.

(more…)

Active Directory Reporting Tool (ADRT) allows you to sort user objects depending on a couple of important attributes: disabled, locked, expires, never expires, expired, password expires, password never expires, password expired, and never logged in. You can find this information with Microsoft’s built-in Active Directory tools also. However, with ADRT, it costs you just a mouse click to find out which users in your domain have been disabled for instance.

(more…)

Rate this tool: (18 votes, average: 4.11 out of 5)

 Loading ...

Submit favorite free admin tool | Free tools ranking list | Descriptions of all tools

Special Operations Software Active Directory Janitor is the WindowsNetworking readers’ choice award winner in the administration tools category at WindowsNetworking. Second is DameWare NT Utilities and third is Pukka Software’s Domain Administration Tool.

(more…)

Microsoft offers quite few Active Directory related products which can be generally described as Identity and Access (IDA) solutions. It is sometimes difficult to keep track with Microsoft’s enterprise products, not only because MS extends their functionality or releases new ones, but also because their names are constantly changing. In Windows Server 2008, there will be many such changes. In this post I summarized all of Microsoft’s IDA solutions with their new names.

(more…)