Announcement

Collapse
No announcement yet.

Event ID for admin priveleges

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • Event ID for admin priveleges

    I need to know; for PCI, what are the event ID numbers for when a "Domain user" is elevated to a "Domain Admin" privilege.

  • #2
    Re: Event ID for admin priveleges

    Hi,

    Do you have auditing enabled on your DC? unless that is enabled you won't be getting such events.

    Enable auditing, make a normal user member of domain admin group, check the security log and find the appropriate event.

    Security logs will get filled up quite quickly and start overwritting so you need to make sure that log size is large enough to hold at least 15 days of data.
    Thanks & Regards
    v-2nas

    MCTS 2008, MCTIP, MCSE 2003, MCSA+Messaging E2K3, MCP, E2K7
    Sr. Wintel Eng. (Investment Bank)
    Independent IT Consultant and Architect
    Blog: http://www.exchadtech.blogspot.com

    Show your appreciation for my help by giving reputation points

    Comment

    Working...
    X