I have a really large environment (many domain controllers). I currently have the SEM/ LEM agent installed on my two local domain controllers and I can see the changes made to the security groups as long as I am logged into one of those two local domain controllers that have the agent installed. If I, or someone else, were to make changes to the security groups from a different domain controller (that do not have the agent installed) the changes are not detected in the monitor.
I need to monitor changes to domain security groups without having to install the SEM/ LEM agent on every domain controller. Is that possible?
No, the agent needs to be installed on all domain controllers to really have anything close to decent coverage. In most cases you also want to install it on all servers to capture their local events, and depending on your policy may also need to be installed on all workstations.
I was afraid of that. Unfortunately i do not have access to all DCs in the domain. Going to have to approach this from a server local security group i think.
Thanks for your help. Much appreciated.
SolarWinds solutions are rooted in our deep connection to our user base in the THWACK® online community. More than 150,000 members are here to solve problems, share technology and best practices, and directly contribute to our product development process. Learn more today by joining now.