a
You can download the MDOP 2013 R2 ISO from Microsoft;
The first step is to install the AGMP Server on to a Domain Controller in your environment. The installation is very straight forward and uninteresting therefore I am not going to cover it in detail. In this example I am also going to install the AGMP Client on to the same Domain Controller.
When the AGPM Server
installation completes a new tab will appear in Group Policy Management called
Change Control this is where the majority of AGPM tasks are done.
Click on the Uncontrolled tab and you will
see a list of Group Policy Objects that are not being audited or managed using
AGPM. Right click on one of your GPO's and select Control.
This will then instruct AGPM to audit and track
any changes that are made to that GPO. For this example I have deliberately
make some policy changes to the AGPM Example GPO.
If you click on the Controlled tab, and
right click on the GPO you have auditing set on and select Differences and
then HTML Report.
AGPM will generate and output a full HTML report
that highlights and changes to that particular GPO.
The History tab also tracks time and date
stamps on events and GPO changes.
I have found this tool extremely useful in large
enterprise environments where there are multiple Active Directory
Administrators (or IT service providers) all working on the Group Policies. It
was particularly good when someone accidentally deleted the Default Domain
Policy link from a production domain.
