Anyone ever had the need to track and raise SCOM alerts based on GPO auditing?
Hi,
If you have enabled auditing on changes, you can pick this up using a simple event rule targeted to your domain controllers.
https://rlevchenko.com/2017/03/17/how-easy-is-it-to-track-group-policy-changes-using-the-event-log/
1 Like
We have not had the need to audit GPO changes. We went for Advanced Group policy management instead to have a more foolproof implementation path for our GPO:s.
https://technet.microsoft.com/en-us/library/cc749396(v=ws.10).aspx
The “Ooops!”-factor in GPO-management have gone done drastically after we implemented AGPM.