Active Directory Security dot com

Complete Coverage of Delegation, Security Audit & Compliance Reporting in Active Directory

Brought to you by former Microsoft Program Manager for Active Directory Security
REFERENCE GUIDANCE REPORTING
Reference | Top-20 D | Risks | FAQ Delegate | Verify | Assess | Audit | Report | Comply Reports Free Tools
| Overview | What To Audit in Active Directory | Top-50 Security Audit Reports | How to Audit Security |



Top-50 Active Directory Security Audit Reports


The following is a list of the Top-50 Active Directory security reports to include in an security/compliance audit –

#ReportType
User Account Management Reports
1.List of all domain user accountsSecurity Report
2.List of all recently commissioned domain user accounts
(i.e. accounts that were created in the last 30 days)
Security Report
3.List of all recently de-commissioned domain user accounts
(i.e. accounts that were deleted in the last 30 days)
Security Report
4.List of all active domain user accounts
(i.e. accounts that have logged on at least once in the last 180 days)
Security Report
5.List of all inactive domain user accounts
(i.e. accounts that have not logged on even once in the last 180 days)
Security Report
6.List of all unused domain user accounts
(i.e. accounts that have never logged on)
Security Report
7.List of all disabled domain user accountsSecurity Report
8.List of all privileged domain user accounts
(i.e. accounts that possess administrative privilege)
Security Report
9.List of all domain user accounts that do not have an expiration dateSecurity Report
10.List of all domain user accounts that do not require passwords to logonSecurity Report


Did you know that you can now generate these reports for free?
You can, with Gold Finger from Paramount Defenses !
 
      Free Download  

11.List of all domain user accounts whose passwords never expireSecurity Report
12.List of all domain user accounts whose passwords have not changed in the last 60 daysSecurity Report
13.List of all domain user accounts that are sensitive and cannot be delegatedSecurity Report
14.List of all domain user accounts whose password might be too old
(i.e. accounts who password has not changed in the last 60 days)
Security Report
15.List of all unmanaged domain user accounts
(i.e. accounts for whom a manager is not specified)
Security Report
16.Individuals who can create domain user accounts Access Report
17.Individuals who can delete domain user accounts Access Report
18.Individuals who can reset user account passwords Access Report
19.Individuals who can disable (and enable disabled) user accounts Access Report
20.Individuals who can unlock user accounts Access Report


Did you know that you can now generate these reports for free?
You can, with Gold Finger from Paramount Defenses !
 
      Free Download  

Computer Management Reports
21.List of all domain computer accounts Security Report
22.List of all recently commissioned domain computer accounts
(i.e. computer accounts created in the last 30 days)
Security Report
23.List of all recently de-commissioned domain computer accounts
(i.e. computer accounts deleted in the last 30 days)
Security Report
24.List of all active domain computer accounts
(i.e. accounts that have logged on at least once in the last 180 days)
Security Report
25.List of all inactive domain computer accounts
(i.e. accounts that have not logged on even once in the last 180 days)
Security Report
26.List of all disabled domain computer accounts Security Report
27.List of all domain computer accounts that are trusted for unconstrained delegation Security Report
28.List of all unmanaged domain computer accounts
(i.e. accounts for whom a manager is not specified)
Security Report


Did you know that you can now generate these reports for free?
You can, with Gold Finger from Paramount Defenses !
 
      Free Download  

Security Group Management Reports
29.List of all security groups (and their type i.e. domain local, global etc.)Security Report
30.List of all administrative security groups (e.g. Enterprise Admins etc.)Security Report
31.List of all delegated administrative security groups
(e.g. groups used to delegate IT management in Active Directory)
Security Report
32.List of all recently commissioned security groups
(i.e. groups created in the last 30 days)
Security Report
33.List of all recently decommissioned security groups
(i.e. groups deleted in the last 30 days)
Security Report
34.List of all empty security groups (i.e. groups that have no members)Security Report
35.List of all large security groups (i.e. groups that have a large membership)Security Report
36.List of all nested security groups (i.e. groups that have groups as members)Security Report
37.List of all unmanaged security groups (i.e. for which manager is not specified)Security Report
38.Individuals who can create security groups Access Report
39.Individuals who can delete security groups Access Report
40.Individuals who can modify security group memberships Access Report
41.Individuals who can modify security group scopes Access Report
42.Individuals who can modify security group types Access Report


Did you know that you can now generate these reports for free?
You can, with Gold Finger from Paramount Defenses !
 
      Free Download  

Organizational Unit and Container Management Reports
43.List of all organizational units (OUs) and containersSecurity Report
44.List of all recently commissioned OUs and containers
(i.e. those that were created in the last 30 days)
Security Report
45.List of all recently de-commissioned OUs and containers
(i.e. those that were deleted in the last 30 days)
Security Report
46.List of all unmanaged OUs and containers
(i.e. for which a manager is not specified)
Security Report
47.List of all OUs to which a group policy (GPO) is explicitly linkedSecurity Report
48.Individuals who can create organizational units Access Report
49.Individuals who can delete organizational units Access Report
50.Individuals who can disable group policies (GPO) linked to OUs, or change the list or precedence of GPOs linked to OUsAccess Report

COPYRIGHT NOTICE THE INFORMATION PRESENTED ON THIS WEBSITE IS COPYRIGHTED MATERIAL. NO PART OF THIS
INFORMATION MAY BE REPRODUCED UNLESS IT IS CLEARLY AND EXPLICITLY ACKNOWLEDGED THAT THIS WEBSITE IS
THE ORIGINAL SOURCE AND THAT A WORKING HYPER-LINK TO THIS WEBSITE IS PROVIDED.

                 What if you could instantly generate all Top-50 Active Directory security audit reports for FREE?

You can, with the Gold Finger Active Directory Reporting Tool           Download your Free copy          
< About Copyright ActiveDirSec.Com 2008 – 2010. All Rights Reserved Disclaimer >