Linking Servers to the GPO for File Integrity Monitoring

 

Linking Servers to the Group Policy Object in-order to apply desired Audit Policy:

The configured Group Policy object can be applied to all desired Servers by following the options provided below.

  1. Option 1: Linking a Group Policy object to an OU containing desired servers.

  2. Option 2 : Add Servers via "Security Filtering" to a domain linked GPO.

Option 1:  Linking a Group Policy object to an OU containing desired Servers.

  1. From the Active Directory Users and Computers Console (ADUC) create a "New Organizational Unit (OU)" in the default Domain.

  2. Add all audit required Servers to this Organizational Unit.

  3. Now link the created Organizational Unit to a Group Policy object that has the audit policy "Audit Object Access" configured in it.

 

Fig: Linking a Group Policy object to an OU containing desired Servers

 

This scenario is applicable for organizations that maintain a separate OU for various Servers.

 

Option 2: Add Servers via "Security Filtering" to a domain linked GPO

  1. Create a Group Policy Object for the "Domain"

  2. Configure the audit policy "Audit Object Access" success/ failure in it.

  3. Add the 'Servers' (Computer Objects) that require audit into the "Security Filtering" settings of this Group Policy Object .

  4. The Settings in the GPO will only be applied to the computers listed under "Security Filtering" settings of the GPMC.

Fig: Add Servers that require audit into the Security Filtering settings of Domain Group Policy Object

Copyright © 2020, ZOHO Corp. All Rights Reserved.
ManageEngine
Get download link