Ureader.com  
Microsoft software help and Community
   home   |   control panel login   |   archive   |  
 
platform
active.directory
adsi
adsi.iis-admin
base
com_ole
complus_mts
component_svcs
database
directx
gdi
graphics_mm
internet.client
internet.server
internet.server.isapi-dev
localization
mapi
messaging
msi
mslayerforunicode
multimedia
networking
networking.ipv6
sdk_install
security
shell
telephony.tapi_2
telephony.tapi_3
telephony.tsp
telephony.wte
tools
ui
ui_shell
win_base_svcs
win16
  
 
date: Mon, 23 Jun 2008 12:36:00 -0700,    group: microsoft.public.platformsdk.security        back       


Auditing Removal and Modification of AD Objects    
Can someone give me an article or answer a question on auditing specific user 
events:  I have enabled Object Access for Domain Controllers but how do I 
tell who moved a pc or user in another OU or deleted them? I see the generic 
event 560 when I tested and moved a user and a pc but it really doesn't 
explain what I did.  Is there a more specific way to find out what the user 
did when accessing the object?  Maybe I should already know this but a need 
does not come up until now.

Thank you,
date: Mon, 23 Jun 2008 12:36:00 -0700   author:   TeeCee

RE: Auditing Removal and Modification of AD Objects    
Using adsiedit.msc, there is an Audit tab int he Security property pages.  I 
haven't tried it yet though.
date: Wed, 25 Jun 2008 06:34:06 -0700   author:   fixitchris

RE: Auditing Removal and Modification of AD Objects    
Let me try and I will get back to you. Thank you.

"fixitchris" wrote:

> Using adsiedit.msc, there is an Audit tab int he Security property pages.  I 
> haven't tried it yet though.
date: Wed, 25 Jun 2008 06:46:03 -0700   author:   TeeCee

Google
 
Web ureader.com


    COPYRIGHT 2007, YARDI TECHNOLOGY LIMITED, ALL RIGHT RESERVE  |   contact us