I have an issue I am sure many have were network team adds a subnet but forgets to tell the AD or SCCM team so I would like to alert when AD detects an unknown subnet. Does anyone know of a way to do this?
Could you alert on NETLOGON 5807 events in the system log on DC’s?
That sounds a bit tricky. Do you have reverse lookupzones in your AD? In that case you could create a list of all networks there and compare them to the list under sites.
And then you have to modifiy this a bit to get out the reverse zones from the AD.