Domain Audit

  • Domain Audit

    I've been asked to do a domain audit.. but not entirely sure what to report on?!

    So far I have:

    1. Used the AD network diagram tool to produce AD structure and link GPO to each OU.
    2. Manually made diagrams of DNS and summary of all forward/reverse zones and conditional forwards, name servers etc.
    3. Manually made diagrams of DHCP and summary of scopes, reservations, lease times, excluded IPs, etc.
    4. Documented domains and trusts and replication intervals and to which servers.
    5. Compiled a list of all servers physical and virtual, their specs, function/purpose.
    6. Exchange mailbox database sizes.
    7. Compiled a spreadsheet of accounts running services on all member servers so I can weed out any users or admin accounts that should not be running services.

    Not too bad so far??

    I know I still need to do the following:

    1. PowerShell/script last or oldest logins
    2. Compile a list of disabled accounts
    3. Document members of Domain Admins/Administrators group/Exchange groups. Having trouble with scripts though!
    4. Ideally compile list of local admins on workstations but not all users in office at 1 time!

    From a security point of view (or other) can anyone suggest areas I have missed please?
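
The first three scripting items in the post above (old logins, disabled accounts, privileged group membership) can be covered by one report script. This is an added example, not part of the original thread; it assumes the ActiveDirectory PowerShell module (RSAT) is available, and the output folder, the 90-day threshold and the group list are placeholders to adjust.

```powershell
# Added example. Requires the ActiveDirectory module and read access to the domain.
Import-Module ActiveDirectory

$OutDir    = 'C:\Audit'                          # hypothetical output folder
$StaleDays = 90                                  # assumed threshold for an "old" login
$Groups    = 'Domain Admins', 'Administrators'   # add Exchange groups as needed
$cutoff    = (Get-Date).AddDays(-$StaleDays)

New-Item -ItemType Directory -Path $OutDir -Force | Out-Null

# 1. Enabled users that have never logged on or not since the cutoff.
#    LastLogonDate is derived from lastLogonTimestamp, which replicates with
#    a lag of up to about 14 days, so treat it as approximate.
Get-ADUser -Filter 'Enabled -eq $true' -Properties LastLogonDate, whenCreated |
    Where-Object { -not $_.LastLogonDate -or $_.LastLogonDate -lt $cutoff } |
    Sort-Object LastLogonDate |
    Select-Object SamAccountName, Name, LastLogonDate, whenCreated |
    Export-Csv (Join-Path $OutDir 'stale-logons.csv') -NoTypeInformation

# 2. Disabled user accounts.
Search-ADAccount -AccountDisabled -UsersOnly |
    Select-Object SamAccountName, Name, LastLogonDate, DistinguishedName |
    Export-Csv (Join-Path $OutDir 'disabled-accounts.csv') -NoTypeInformation

# 3. Effective members of privileged groups. -Recursive expands nested groups,
#    so accounts that gain admin rights indirectly are listed too.
$members = foreach ($g in $Groups) {
    try {
        Get-ADGroupMember -Identity $g -Recursive -ErrorAction Stop |
            Select-Object @{ n = 'Group'; e = { $g } },
                          SamAccountName, Name, objectClass
    }
    catch {
        # A group missing from this domain should not abort the whole report.
        Write-Warning "Could not read group '$g': $($_.Exception.Message)"
    }
}
$members | Export-Csv (Join-Path $OutDir 'privileged-groups.csv') -NoTypeInformation
```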


  • #2
    Re: Domain Audit

    It seems to me that it would be up to the entity that asked you to perform the audit to define the audit criteria for you.

    This sounds like something that's been handed off by a pointy-haired boss.


    • #3
      Re: Domain Audit

      Sorry for my words; since I'm new to this forum I can't post the link, but you can visit technet [dot] microsoft [dot] com en-us library cc73160(v=ws.10) [dot] aspx

      Just type in according to the format and in the place of space please use a backslash.

      Sorry for my language again.

      Hope this helps for you.


      • #4
        Re: Domain Audit

        A clue to the content please, and if possible a double check on the URL as it does not appear to exist.
        Tom Jones
        MCT, MCSE (2000:Security & 2003), MCSA:Security & Messaging, MCDBA, MCDST, MCITP(EA, EMA, SA, EDA, ES, CS), MCTS, MCP, Sec+
        PhD, MSc, FIAP, MIITT
        IT Trainer / Consultant
        Ossian Ltd

        ** Remember to give credit where credit is due and leave reputation points where appropriate **


        • #5
          Re: Domain Audit

          The clue of the content is

          AD DS Auditing Step-by-Step Guide

          And Configuring Audit Policies
          Last edited by smsith181; 28th November 2012, 14:36.