Hello @Tom Andersen ,
Thank you for posting on our Q&A forum.
Based on my knowledge, we can understand version number as below.
1.When we create a new GPO, the version number is 0. After we edit this new GPO and configure one GPO setting, the version number will increase to 1.
For example 1:
The version number is 46 currently about “Default Domain Controller Policy” object, after I edit the two GPO settings within “Default Domain Controller Policy” object at the same time, the version number will be increased to 48 (because I edit two settings).
Tip: Here are the two GPO settings I edited this GPO:
1.I add domain user A\daisy to “Allow log on locally”.
2.And add the user account A\Daisy1 to “Allow log on through Remote Desktop Services”.
2.If I edit the "Default Domain Controller Policy” object above again and undo a previous setting, the version number will still be increased by 1.
For example 2:
I edit this GPO by removing the user account A\Daisy1 from “Allow log on through Remote Desktop Services”, the version number on "Default Domain Controller Policy” will be 49.
Here is the possible cause of your question.
Q: Yesterday, for about 45 minutes, I kept getting notifications that my Default Domain Controller GPO was changing. Investigating, the only thing that was changing was the version number. No other changes were made to it. The version number ended up going up by about 20 when all was said and done. Any idea what could have caused this?
A: During that 45 minutes yesterday, someone (maybe he/she is other domain admin) was editing the Default Domain Controller Policy GPO, so some GPO settings within Default Domain Controller Policy GPO may be configured/changed.
However, as the example 2 above, if he/she undo all the configured GPO settings he/she configured during 45 minutes within Default Domain Controller Policy GPO, maybe there is no GPO setting changes within Default Domain Controller Policy GPO.
Here are my suggestions:
1.Try to find who edited this GPO, maybe he/she is your colleague.
2.We can export all the GPO settings on the DC and try to check if there is any change.
Log on one DC with domain Administrator.
Open CMD (run as Administrator).
Type gpresult /h C:\report.html and click Enter.
Check all the settings under “Computer Details” and within “Default Domain Controller Policy”.
For example:
3.By the way, would you please tell me where you got notifications about GPO changing?
Whether you can find some information about GPO changes from the notifications.
Hope the information above is helpful.
Should you have any question or concern, please feel free to let us know.
Best Regards,
Daisy Zhou
============================================
If the Answer is helpful, please click "Accept Answer" and upvote it.