Do you audit Active Directory?

If so, what do you use to change control it? I have been demo'n a new products and so far ADAudit Plus is great. Just curious if there's other server admins out there that know something else.

I want to audit every change in AD that happens, password reset, lockout, GPO changes, OU changes etc..

If you're using something good let me know.

TTT - just curious if anyone now uses anything.

Hi Jave,

I do not audit AD, but you might want to look into a SIEM engine which sounds cool do the job, as well as auditing centrally everything else.

The correlation and the visibility of events with a SIEM is so much better than let's say a central syslog.