
NetPro tool tracks Active Directory changes

New software announced this week by NetPro will act like a sleuth for Microsoft's Active Directory. It will solve the "whodunit" when changes are made.

Directory management tools vendor NetPro Computing Inc. said this week that it will release several products, including software that helps Active Directory administrators zero in on details about any changes made to the enterprise directory.

Customers and consultants agreed that there are a few products on the market that can audit the various aspects of Active Directory in rich detail. They said that NetPro's Change Auditor for Active Directory could be useful because it helps determine all changes across all elements of Active Directory, including group policy, domain name system (DNS), schema and other elements, in real time.

"The tool can extract not just when things change, but who changed them and precisely which group policy was changed," said Jeremy Moskowitz, an author and consultant based in Wilmington, Del.

The software can be a key security tool in an enterprise where someone can make a change to Active Directory and it can't be tracked, he added.

Others agreed. In general, Windows and Active Directory have few auditing tools, so the Change Auditor is helpful in making sure that policies and a company's security architecture are kept intact, said John Enck, an analyst at Stamford, Conn.-based Gartner Inc.

Enck said that the emergence of new regulatory compliance initiatives means that IT is being subjected to more accountability. As a result, IT is having to show logs, maintain audit trails and show general compliance, Enck said.

"I'm not saying this is a HIPAA [Health Insurance Portability and Accountability Act] tool, but it will help," Enck said.

One NetPro customer is interested in the tool for exactly that reason. "We've had issues when changes that occur with DNS that are dynamic in nature are not easily detectable," said Todd Myrick, an IT professional at a research center he declined to name.

Myrick said that Microsoft doesn't include centralized event reporting tools. To decipher certain events, you need to turn on diagnostic logging in Exchange, Active Directory and other systems.

"Trying to identify the who, what, when, where and why of an event is incredibly difficult," he said. "And, in a large deployment of Active Directory, you have a lot of domain controllers. Getting an idea of who made a change is not easily done."

Phoenix-based NetPro has traditionally focused on Active Directory tools, but the company is also broadening its reach into Exchange and identity management. This week, the company is also releasing several other products, including MissionControl for Microsoft Identity Integration Server; Directory Analyzer 3.0, an updated version of the tool that adds an Exchange view to Active Directory; and Directory Troubleshooter 3.0, a repair tool for Active Directory.

The beta for Change Auditor is just beginning, and the product won't be available until May. It will cost $12 per user. MissionControl for Microsoft Identity Integration Server also won't ship until May. Pricing has not yet been determined.

The Directory Analyzer ships in March and will cost $12 per user. The Directory Troubleshooter is available this month and costs $5 per user.

The products essentially "snap in" to both Microsoft Operations Manager (MOM) and Hewlett-Packard Co.'s OpenView management software, said Kevin Hickey, NetPro's president and chief executive officer.

