We have requirement to audit Domain Password policy for any changes made to it.
I am aware of Audit policy in Windows 2008R2, however how can i prevent audit policy from getting changed/disabled?
if a rogue admin disable the audit policy, then i would not know if the password policy will get changed. This may never happen but the impact could be very severe.
ideally i would like to audit the password policies and immediately send alerts to a group of other admins. Basically asking - how to audit the audit and password policy. What is the best way to achieve this?
Navgup
