subject: Advantage Of Auditing Windows Active Directory [print this page] Being a system administrator you must want to keep information about who and when logging into a computer or server. You need to keep record of who and when is logging into computers for security concern. However, it is not easy to keep eye on all users working of different computers within a domain but because of security reasons, you need to do this. To establish highly secure environment in your organization it is must to track the users logging activities. This can be done by auditing Windows Active Directory.
To record of accomplishment of the users logging activities, you need to configure audit policies. Based on the audit policies you configure, events logs will be generated whenever a user logon to a particular system. By viewing those logs, you can easily know that which user has logged on a particular system and at what time. Following steps help you to view Audit policy on a particular computer:
1.Click Start > Control Panel.
2.Double-click the Administrative Tools icon. The Administrative Tools window appears.
3.Double-click the Local Security Policy shortcut. The Local Security Settings window appears.
4.Expand the Local Policies node in the left panel.
5.Right-click the Audit Policy option and select the Open option. The Audit policy appears in the right panel.
This way you can audit the logging status of the user. However, you can only audit the logging status of the current system. Through, Microsoft Management Console (MMC) snap-ins, you cannot track the logging activities of all users in a domain. To confirm that who and when logging into a computer within the domain, you need to make use of a centralized tool.
Chily Active Directory Management and Reporting enables you to configure stringent Audit policies for Windows Active Directory. With the help of this amazing Windows Active Directory Management and Reporting tool, the system administrator can easily configure audit policy for any computer within a domain from a central location. That means the administrator does not need to visit any computer within the domain to configure audit policies.
Based on the configured audit policies, whenever any user will logon or logoff the computer an event will be recorded in the event logs. Using those event logs, the administrator can easily track that who and when has accessed any computer within the domain.
