Hey everyone! I'm on the hunt for a completely free tool that can help with auditing and reporting on Active Directory. I'm looking for features like tracking accounts added to domain admins, monitoring account creation, and keeping an eye on group changes. I've already tried Netwrix and Cryosoft Guardian, but they didn't quite meet my needs. I'd love to hear what tools others are using for this purpose, especially since I need to demonstrate to auditors that we perform some level of log analysis. Thanks!
5 Answers
You should check out Ping Castle. I was going to suggest it, but I found out it was acquired by Netwrix. Still, if you haven't tried their standalone version, it could be worth a look. It's pretty solid!
What O365 licensing do you currently have? That could influence some of your choices.
I have Business Premium, if that helps.
Have you looked at AD Tidy? It could be what you need. Here's a link to their site for more info. It’s mostly for cleanup but might help depending on your requirements.
I've used AD Tidy before, but it’s primarily for bulk updates and group membership extracts. It doesn't really do auditing like I need, though. Thanks for the suggestion!
If you're okay with something low-cost instead of zero cost, Manage Engine offers some decent tools that can work well for smaller setups. But if you strictly need free options, you might find your choices limited.
Have you considered using the native tools that come with AD? It feels like a lot of folks rush towards third-party solutions for everything. There's a GitHub project called Project Sauron that you might want to check out.
Yeah, I can already picture myself getting frustrated after a few hours of tinkering with that. But I appreciate the suggestion!
I've heard about Purple Knight and Ping Castle too. If you come across any better free options, definitely let me know!