1. New user, group, and GPO creation

1.1 Create a new user

  • Log in to your Domain Controller with Domain Admin privileges → Open Active Directory Users and Computers → Right-click on your domain → New → User → Name the user "ADAudit Plus".

1.2 Create a new group

  • Log in to your Domain Controller with Domain Admin privileges → Open Active Directory Users and Computers → Right-click on your domain → New → Group → Name the group "ADAudit Plus Permission Group".
  • Add all the audited computers as members of the "ADAudit Plus Permission Group": Right-click on the "ADAudit Plus Permission Group" → Properties → Members → Add all the Domain Controllers, Windows servers and workstations that you wish to audit.

1.3 Create a new domain-level GPO and link it to all the audited computers

Since configuring permissions on individual computers is an elaborate process, a domain-level GPO is created and applied to all monitored computers.

  • Log in to your Domain Controller with Domain Admin privileges.
  • Create a new domain-level GPO:

    Open the Group Policy Management Console → Right-click on your domain → Create a GPO in this domain and link it here → Name the GPO "ADAudit Plus Permission GPO"

  • Remove the Apply group policy permission for the Authenticated Users group:

    Click on the "ADAudit Plus Permission GPO" → Navigate to the right panel, click on the Delegation tab → Advanced → Click on Authenticated Users → Remove the Apply group policy permission.

  • Add the "ADAudit Plus Permission Group" to the security filter settings of the "ADAudit Plus Permission GPO":

    Open the Group Policy Management Console → Domain → Select the "ADAudit Plus Permission GPO" → Navigate to the right panel, click on the Delegation tab → Advanced → Add "ADAudit Plus Permission Group".
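
The same steps from sections 1.1 to 1.3 can be scripted and then checked. The following PowerShell is an added example, not part of the vendor's documentation; the logon name 'ADAuditPlus' and the computer names in $auditedComputers are assumptions to replace with your own values.

```powershell
# Added example: scripted equivalent of sections 1.1-1.3.
# Run on a Domain Controller as a Domain Admin (ActiveDirectory and GroupPolicy modules).
Import-Module ActiveDirectory, GroupPolicy

$userName  = 'ADAudit Plus'
$groupName = 'ADAudit Plus Permission Group'
$gpoName   = 'ADAudit Plus Permission GPO'
$domainDN  = (Get-ADDomain).DistinguishedName
$auditedComputers = @('DC01', 'FS01', 'WS01')   # constructed placeholder names

# 1.1 Create the user if it does not exist yet (logon name is an assumption).
if (-not (Get-ADUser -Filter "Name -eq '$userName'")) {
    $password = Read-Host -AsSecureString -Prompt "Password for '$userName'"
    New-ADUser -Name $userName -SamAccountName 'ADAuditPlus' `
               -AccountPassword $password -Enabled $true
}

# 1.2 Create the group (Global/Security, the console defaults) and add the computers.
$group = Get-ADGroup -Filter "Name -eq '$groupName'"
if (-not $group) {
    $group = New-ADGroup -Name $groupName -GroupScope Global `
                         -GroupCategory Security -PassThru
}
$members = $auditedComputers | ForEach-Object { Get-ADComputer -Identity $_ }
Add-ADGroupMember -Identity $group -Members $members

# 1.3 Create the GPO and link it at the domain level.
if (-not (Get-GPO -Name $gpoName -ErrorAction SilentlyContinue)) {
    New-GPO -Name $gpoName | New-GPLink -Target $domainDN | Out-Null
}

# Authenticated Users: replace "Read + Apply" with Read only. Read is kept so
# that computer accounts can still retrieve the GPO.
Set-GPPermission -Name $gpoName -TargetName 'Authenticated Users' `
                 -TargetType Group -PermissionLevel GpoRead -Replace | Out-Null

# Security filtering: only members of the permission group apply the GPO.
Set-GPPermission -Name $gpoName -TargetName $groupName `
                 -TargetType Group -PermissionLevel GpoApply | Out-Null

# Check the result: the permission group should show GpoApply and
# Authenticated Users should show GpoRead.
Get-GPPermission -Name $gpoName -All |
    Select-Object @{ n = 'Trustee'; e = { $_.Trustee.Name } }, Permission
```

A computer picks up its new group membership only after it restarts, so the GPO does not apply to a newly added member until then.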

Copyright © 2019, ZOHO Corp. All Rights Reserved.