Auditing user actions is among the most important aspects of a sound security implementation. The Point in Time Analysis and Activity Report helps you identify when a particular action was performed and who performed it. You can use this report to track changes related to GPO approval and GPO export. This report also allows you to identify the changes between two versions of the same GPO.
The GPA Console allows you to generate a GPO activity tracking report as an HTML file. When you are connected to a GP Repository, you can run the Point in Time Analysis and Activity Report using various criteria:
Domain
All users or a specific user
Type of activity
Various date ranges
To run an Activity Report from the GPA Console, select a GP Repository, and on the Action menu, click Activity Report.
GPA provides a command-line tool, ActivityReport.exe, to generate Point in Time Analysis and Activity Reports as HTML files. Using or scheduling this utility to run periodically lets you quickly create audit‑tracking records of GPO changes. For more information, see Section A.4.4, Generating the Point in Time Analysis and Activity Report Using Scripts.
The Point in Time Analysis and Activity Report is divided into the following main sections:
This section contains information related to the criteria you selected to generate the report.
This section contains the following information:
The name of the GPO
The revision history of the GPO
The date on which the revision was done
The name of the user who exported the GPO
Comments added by the user
Description of the changes made to the GPO
This information helps you in auditing the changes made to a GPO.