Windows Server 2008 Active Directory Auditing and FGPP PM Interview

Posted By: David Tesar | Feb 28th @ 11:59 PM
Hear about Windows Server 2008 AD auditing and FGPP directly from the source!  In this interview with Siddharth Bhai the program manager (PM) for this AD functionality, he gives us a bunch of great information. 

For instance he: 
- Explains the recommended practices on how to create password settings objects (PSOs) and delegate the permissions for these. 

- Gives numerous reasons as to why the team made the decision for PSOs being assigned via groups and not OUs

- Tells us why the team didn't produce a more rich GUI tool to create PSOs (instead of the manual creation using ADSIedit)

- Describes why they made the decisions to include the new auditing features in WS08

- Simplifies the areas how to apply auditing (Global auditing, Schema, specific ACE per object)

- Shares thoughts on what might be coming up next with auditing and FGPP

Some resources referenced in this interview:
Windows Server 2008 Auditing AD DS Changes Step-by-Step Guide
Step-by-Step Guide for Fine-Grained Password and Account Lockout Policy Configuration
Tags: , ,
Rating:
0
0
#Mar 3rd @ 11:11 PM
chriss3
chriss3

Hello.
I've made a MMC Console and a Powershell Cmd'let to manage FGPP, that is available for free.

Download Fine Grain Password Policy Tool (x86) Beta 2.
http://www.truesec.com/PublicStore/Profile/Downloads.aspx?versionid=16
Download Fine Grain Password Policy Tool (x64) Beta 2.
http://www.truesec.com/PublicStore/Profile/Downloads.aspx?versionid=17

Regards
Christoffer Andersson
Microsoft MVP - Directory Services