EventSentry can monitor all changes to Active Directory and Group Policy objects down to the attribute level with ADMonitor, an optional Add-On.
Since Active Directory is a central database that stores all users, groups and computer objects of an organization, tracking all activity is crucial in order to maintain a secure network. Idle users and undetected changes can seriously compromise the security of a Windows domain.
Monitoring Active Directory changes using the security event log however is difficult, inefficient and cumbersome. ADMonitor solves this problem by monitoring Active Directory directly - with little reliance on the security event log.
ADMonitor offers the following functionality:
ADMonitor completely integrates with EventSentry and is usually setup in less than 2 minutes.
|Feature||EventSentry Built-In||EventSentry ADMonitor|
|Detect User & Group Changes||Yes||Yes|
|Detect Any Attribute Change||No||Yes|
|Before & After Values||No||Yes|
|Requires Detailed Auditing||Yes||No|
|Monitor Group Policy Changes||No||Yes|
|Identify Problematic AD User Accounts||No||Yes|
|Detect Local (Non-AD) User & Group Changes||Yes||No|