Is anyone monitoring for changes to an endpoint's DNS configuration? We have experienced issues where Windows Admins have misconfigured the DNS settings for my SCOM Gateways, resulting in the agents reporting to the GW throwing heartbeat failures. Unfortunately, we cannot lock them out, as they are the actual Windows Admins for their “agency” environment. I’d prefer to monitor for these changes in SCOM, but we also have SCCM (DCM) and we’re considering using PowerShell DSC to enforce the configs.

Any suggestions?

