Presentation is loading. Please wait.

Presentation is loading. Please wait.

Auditing Microsoft Active Directory

Published byRachel Goodwin Modified over 10 years ago

Similar presentations

Presentation on theme: "Auditing Microsoft Active Directory"— Presentation transcript:

1 Auditing Microsoft Active Directory
Eric Dugger Network Services Manager Nevada Legislature

2 What is Active Directory
A central component of the Windows platform, Active Directory directory service provides the means to manage the identities and relationships that make up network environments. Resources – Computers & Printers Services – , Policies, DNS, etc. Users – Accounts and security groups

3

4 Primary Items of Importance
Business Continuity Is Active Directory backed up? Are there multiple Domain Controllers? Security Who has access to change Active Directory? What settings in Active Directory affect security? (passwords, etc.) Policies What environment is created from AD Polices?

5 Business Continuity Active Directory Backups – Critical Data
How often? Where are they stored? see Backing up an Active Directory Server doc Multiple Domain Controllers Should have the global catalog show where in Sites and Services

6 Questions

7 Active Directory Security
Who can access Active Directory? What can they change? Is auditing turned on for Active Directory?

8 Access to Active Directory
Active Directory Boundaries Physical Security Domain Forests & Trusts

9 Permissions to Change AD
Groups of Interest Enterprise Admins Schema Admins Administrators Domain Admins Server Operators Account Operators Backup Operators DS Restore Mode Administrator

10 Questions

11 Group Policy in Microsoft Windows Active Directory

12 What is Active Directory Group Policy?
The Group Policy management solution in Microsoft® Windows Server™ 2003 allows administrators to define configurations for both servers and user machines. Local policy settings can be applied to all machines, and for those that are part of a domain, an administrator can use Group Policy to set policies that apply across a given site, domain, or range of organizational units (OUs) in the Active Directory® directory service. Support for Group Policy is available on machines running Microsoft Windows 2000 Server, Microsoft Windows 2000 Professional, Microsoft Windows® XP Professional, and Windows Server 2003.

13 Overview Control Internet Explorer Settings
Control Computer/User Settings Software Distribution Windows Updates Much, Much More…..

14 Getting Started Windows 2003 Active Directory
Group Policy Manager Plug-in

15 Choose an Organizational Unit
Creating a Policy Create and Link GPO Choose an Organizational Unit

16 Assigning a Policy Policies Linked to this OU Policies Inherited
Delegation of this OU

17 Defining Internet Explorer
Control the Functionality of IE Plug-Ins Menus Empty Temp Folder Control the Security of IE Active X .NET Block Sites

18 Configuring an IE Policy
Define your Zones Internet Intranet Trusted Restricted Define your Settings Apply Policy to an OU ZONES 1 – Intranet 2 – Trusted 3 – Internet 4 - Restricted

19 Control User/Computer Settings
Configure the Desktop Hide icons/menus Dictate wallpaper Control Software Installation or Use Prohibit software from being installed or uninstalled Prohibit software from being run Lockdown Administrator Functions Network or security settings Configure Windows Firewall

20 Configure a Desktop Policy

21 Software Distribution
Automatically Install Software at Logon Publish Software Remove Software Update Software

22 Configure a Software Install Policy
Install a Software Package on Logon The software will be installed when the user logs on Publish a Software Package The software will be available through “Add/Remove Programs” Redeploy a Software Package The package will be redeployed (Update or New Version) Uninstall a Software Package The software will be removed Install Path to MSI File

23 Managing Windows Updates
Create a policy to use the Windows Update Services server Assign WSUS Server Assign WSUS Groups Install and Configure WSUS

24 Windows System Update Server
Updates for Windows, Office, Exchange Server, and SQL Server, with additional product support over time Automatic download of specific updates Automated actions for updates, determined by administrator approval Ability to determine the applicability of updates before installing them Targeting Reporting

25 How WSUS Works Downloads selected updates to central update server
Release updates to specified groups Report on status of updates

26 Computer Name Operating System Last Status Report Computer Group

27 Install Detect only Not Approved Update Type Release Date Update Name Approval

28 Reporting Computer Name Installed Needed Not Needed Unknown Failed
Last Updated Update Title Status Type

29 Questions

30 Tools GPResult Admx Group Policy Manager

31

32 True Last Logon http://www.dovestones.com/products/True_Last_Logon.asp

33 What AD Policies am I getting?
GPRESULT Open a command window Type gpresult

34 Export Group Policy Settings
AdmX.exe: ADM File Parser Category The ADM File Parser (AdmX) is a command-line tool that enables an administrator to export Group Policy settings to a tab-delimited text file. The administrator can then use the text produced by ADM File Parser (AdmX) to find changes for the policy settings between different versions of the operating systems. AdmX is for use only with policies based on administrative templates. Version compatibility The AdmX.exe tool runs on Windows 2000, Windows Server 2003, and Windows XP Professional. AdmX.exe also requires the Microsoft .NET Framework 1.0.

35 Group Policy Manager

36 Questions

Download ppt "Auditing Microsoft Active Directory"

Similar presentations

COMP091 OS1 Active Directory. Some History Early 1990s Windows for Workgroups introduced peer-to-peer networking based on SMB over netbios (tcp/ip still.

COMP091 OS1 Active Directory. Some History Early 1990s Windows for Workgroups introduced peer-to-peer networking based on SMB over netbios (tcp/ip still.
Sandia is a multiprogram laboratory operated by Sandia Corporation, a Lockheed Martin Company, for the United States Department of Energy’s National Nuclear.

Sandia is a multiprogram laboratory operated by Sandia Corporation, a Lockheed Martin Company, for the United States Department of Energy’s National Nuclear.
Module 5: Creating and Configuring Group Policy

Module 5: Creating and Configuring Group Policy
Managing User Settings with Group Policy

Managing User Settings with Group Policy
70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment, Enhanced Chapter 9: Implementing and Using Group Policy.

70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment, Enhanced Chapter 9: Implementing and Using Group Policy.
Chapter 6 Introducing Active Directory

Chapter 6 Introducing Active Directory
Hands-On Microsoft Windows Server 2003 Administration Chapter 4 Managing Group Policy.

Hands-On Microsoft Windows Server 2003 Administration Chapter 4 Managing Group Policy.
9.1 © 2004 Pearson Education, Inc. Exam 70-294 Planning, Implementing, and Maintaining a Microsoft Windows Server 2003 Active Directory Infrastructure.

9.1 © 2004 Pearson Education, Inc. Exam Planning, Implementing, and Maintaining a Microsoft Windows Server 2003 Active Directory Infrastructure.
70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 1: Introduction to Windows Server 2003.

70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 1: Introduction to Windows Server 2003.
MIS 431 - Chapter 91 Ch. 9 – Implement and Use Group Policy MIS 431 – created Spring 2006.

MIS Chapter 91 Ch. 9 – Implement and Use Group Policy MIS 431 – created Spring 2006.
70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 9: Implementing and Using Group Policy.

70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 9: Implementing and Using Group Policy.
By Rashid Khan Lesson 4-Preparing to Serve: Understanding Microsoft Networking.

By Rashid Khan Lesson 4-Preparing to Serve: Understanding Microsoft Networking.
Chapter 6: Configuring Security. Group Policy and LGPO Setting Options Software Installation not available with LGPOs Remote Installation Services Scripts.

Chapter 6: Configuring Security. Group Policy and LGPO Setting Options Software Installation not available with LGPOs Remote Installation Services Scripts.
70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 1: Introduction to Windows Server 2003.

70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 1: Introduction to Windows Server 2003.
70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment, Enhanced Chapter 10: Server Administration.

70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment, Enhanced Chapter 10: Server Administration.
7.1 © 2004 Pearson Education, Inc. Exam 70-290 Managing and Maintaining a Microsoft® Windows® Server 2003 Environment Lesson 7: Introducing Group Accounts.

7.1 © 2004 Pearson Education, Inc. Exam Managing and Maintaining a Microsoft® Windows® Server 2003 Environment Lesson 7: Introducing Group Accounts.
Understanding Active Directory

Understanding Active Directory
70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment, Enhanced Chapter 1: Introduction to Windows Server 2003.

70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment, Enhanced Chapter 1: Introduction to Windows Server 2003.
Guide to MCSE 70-290, Enhanced 1 Activity 9-1: Creating a Group Policy Object Using the MMC Objective: To create a GPO using the Group Policy Object Editor.

Guide to MCSE , Enhanced 1 Activity 9-1: Creating a Group Policy Object Using the MMC Objective: To create a GPO using the Group Policy Object Editor.
Group Policy in Microsoft Windows Active Directory.

Group Policy in Microsoft Windows Active Directory.

Similar presentations

Ads by Google