The Windows Powershell from Microsoft is a free extensible automation engine from Microsoft, consisting of a command-line shell and associated scripting language.
It is an automation engine that relies on the Microsoft .NET Framework and involves the execution of cmdlets which are basically speicialized .NET classes which implement specific operations.
It can however be used to perform a variety of functions on the Windows Platform. It can also be used to query data from Active Directory and to perform common day-to-day aspects of AD management.
One advantge of using Powershell is that it makes it easy for IT admins to derive greater value out of their efforts in scripting so they can automate (at least parts of) common day-to-day IT management and reporting tasks. It also lets IT admins leverage the work of other admins as these scripts can be shared with the community.
The disadvantage of PowerShell is that it relies largely on the development of scripts and even though it makes it easier to derive greater value from scripts, it certainly leaves the possibility of human error. It also takes additional effort to generate reports that are in a presentable fashion and decent enough for submission for any audit or as regulatory compliance evidence.
A Set of Essential Active Directory Tools that every Active Directory Admin Should Have in Their Toolset
Active Directory Security and Active Directory Delegation play a mission-critical role in global security. A good Active Directory Audit Tool / Active Directory Reporting Tool / Active Directory Auditing Tool / Permissions Analyzer for Active Directory can help Audit Active Directory, generate Active Directory Reports and mitigate Active Directory Risks such as Active Directory Privilege Escalation, and find out who can reset your windows password.
Hi Jesse,
ReplyDeleteI happened to come across your blog, so thought I'd leave a note.
I've been wanting to blog for a while now, and have a little blog of my own as well over as Active Directory Forestry, but I just can't seem to find the time.
We've been very busy helping clients understand how to analyze and audit security permissions in Active Directory because it is so important to Active Directory security.
We came across a valuable Active Directory Audit Tool and its been very helpful as we perform many an Active Directory Audit for our clients. Thought I mention it.
If you have some time, do stop by. I would love to hear from you.
Sincerely,
Ben
Hi Jesse,
ReplyDeleteI think of Active Directory Security as being critical to business these days and Active Directory Auditing is very important.
Personally, I've found that the need to audit what is being audited in Active Directory is equally important as well.
I recently came across a cool Active Directory ACL Export/Dump Tool and have been using it for these audits.
I thought you might find my experience with How to audit / find out what is being audited in Active Directory helpful so thought of sharing it with you.
Adios,
Will
Nice blog. I put together a high-level list of what to audit in Active Directory, and thought I wold share it with you.
ReplyDelete