Audit Alert Scenarios: System Center Operations Manager (OpsMgr) 2007 R2

The other day I was asked to assist with implementing the scenarios below: Scenario 1: Alert for changes to the ‘Domain Admin’ group membership Scenario 2: Alert when the Audit Policy is changed (Default Domain or Domain Controller) Scenario 3: Alert when xx number of unsuccessful logons occur within nn hours Scenario 4: Account locked…

0

Audit Report Scenarios: How to create custom reports with System Center Operations Manager 2007 R2 and Audit Collection Services (ACS)

Scenarios that are discussed in this blog post include: Scenario 1: Computers joined to the domain (names and description) Scenario 2: User passwords expired Scenario 3: User accounts locked out Scenario 4: Group policy changes Scenario 1: Computers joined to the domain (names and description) The following Event Id’s will be used in this procedure:…

0

Quick Tip: How to run an ACS Forwarder, Collector, RMS and DC on the same host

Manually enable the ‘Operations Manager Audit Forwarding Service’ (AdtAgent.exe). Regedit > [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\AdtAgent\Parameters] > New > Multi-String Value > AdtServers > ‘CollectorFQDN’ Note: Step 2 resolved Event ID 4369 (with a blank list of collectors) for me. Hopefully this configuration of roles will only ever be used in a lab environment!

1