Announcement

Collapse
No announcement yet.

Active Directory 2003 - Enable Logging/Auditing

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • Active Directory 2003 - Enable Logging/Auditing

    Hey there,

    please can somebody help with the following.
    I would like to enable logging of new accounts created on our domain.
    items to include would need to be...

    1. Who logged onto the DC
    2. When the account was created
    3. When an account gets deleted.
    4. When any rights get added or removed from a user or group.


    any help would be great

    thanks in advance

    Russ

  • #2
    Re: Active Directory 2003 - Enable Logging/Auditing

    I have enabled Audit account management within Active Directory but I still am NOT seeing any events for new accounts......Event ID 624

    any help would be great

    cheers

    Comment


    • #3
      Re: Active Directory 2003 - Enable Logging/Auditing

      I don't know what policy you have changed but you might have a read on this:
      http://www.windowsecurity.com/articl...urity-Log.html
      Marcel
      Technical Consultant
      Netherlands
      http://www.phetios.com
      http://blog.nessus.nl

      MCITP(EA, SA), MCSA/E 2003:Security, CCNA, SNAF, DCUCI, CCSA/E/E+ (R60), VCP4/5, NCDA, NCIE - SAN, NCIE - BR, EMCPE
      "No matter how secure, there is always the human factor."

      "Enjoy life today, tomorrow may never come."
      "If you're going through hell, keep going. ~Winston Churchill"

      Comment


      • #4
        Re: Active Directory 2003 - Enable Logging/Auditing

        thanks for you help.
        I have now sorted the problem......event log was corrupt.
        Recreated the log files and now all event IDs are shown

        thanks again

        cheers

        Comment

        Working...
        X