Monitor AD group changes

Ever wanted to monitor group changes in AD? This is a script I came up with to do just that. It will collect the security log events from the last hour on all your domain controllers.

In order to use this script, just create a new scheduled task on a machine with the Active Directory module for Windows PowerShell installed and run this script every hour (or whatever you changed $time to). !! Note that the scheduled task needs to be run with an account which has domain admin privileges to be able to read from the security logs of all your domain controllers !!>

Continue reading Monitor AD group changes