If you're like most administrators, you know who is logging on to your servers and what they are doing there.
"Ahem," as another Windows IT Pro writer likes to say.
Seems like we need the word "don’t'" in there somewhere.
Yes, you've heard all the horror stories about how Active Directory needs to be audited and how the native tools are lacking in some ways. But these third-party audit programs are so messy and big, I can hear you saying.
Neil Karnik of Ensim begs to differ. Now generally available, Ensim's recent release, Ensim Unify Audit Manager, aims to offer a usable solution for auditing AD and Group Policy Object (GPO) changes.
Through "soft" agents that are so-named because of their intended lack of intrusiveness, Audit Manager looks at events, translates and massages the data, and sends it to a SQL Server database where you can examine it and run reports.
"Native tools make you have to go to the domain controller and look for events. We're getting events off the server into the SQL database," Karnik says.
The solution shows who, what, and where, and offers options for reports that include saving to a network share or to email, in CSV or Excel format. All four components of the solution can be installed on one server (for small to midsized businesses—SMBs) or multiple servers, in the case of larger companies.
It uses Microsoft SQL Server Express 2005 or 2008, or SQL Server Standard or Enterprise 2005 or 2008, and you need at least one Windows Server 2008 or 2008R2 DC. A status bar in the management interface keeps you apprised of the size of your database. Alerting capabilities will arrive in a release later this year.
Ensim is currently running a special price on the solution, which Karnik says should be especially attractive to small to mid-sized companies: $3,000 an administrator. To learn more about Ensim Unify Audit Manager, visit Ensim's website.