Group Changes

Group Changes is an audit feature that shows the group membership changes for the specified user.  This is more than just displaying the group memberships for the user, the function will scan the AD replication properties of all groups in the domain, forest or selected OU for any changes associated to the user and display the corresponding operations, covering both addition and removal from groups.


The function scans the object Meta data contained in the msDS-ReplValueMetaData attribute of the group objects to identify changes associated to the user.  For a more detailed explanation on how this feature works see How Group Changes Works 

As the function will scan all of the group objects in the selected scope, depending on the number of groups, the scan can take an extended period of time to complete. Due to the amount of data that is read from the AD, it's best to run NetTools on the DC or from a machine with a high speed network connection (LAN).