Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

Finding who deleted an account and when

Posted on 2004-10-27
2
Medium Priority
?
180 Views
Last Modified: 2010-04-19
One of our key service accounts was deleted from our windows 2003 domain on the last 3 days.  I have domain techies on staff as well as a contractor who uses remote acess to get into the domain.  Is there a way I can pin down when the account was deleted and by whom?  What's the best way to keep track of this stuff so I can see who does what to our domain accounts.

Cheers,
Scott.
0
Comment
Question by:Scozza
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
2 Comments
 
LVL 96

Expert Comment

by:Lee W, MVP
ID: 12430504
If you have Auditing enabled, you can look in your security event log for this info (assuming you have indicated account changes to be audited).  If not, you pretty much will never know in this case.  HOWEVER, if you enable it from this point forward, you'll know in the future.
0
 
LVL 96

Accepted Solution

by:
Lee W, MVP earned 750 total points
ID: 12430508
0

Featured Post

Efficient way to get backups off site to Azure

This user guide provides instructions on how to deploy and configure both a StoneFly Scale Out NAS Enterprise Cloud Drive virtual machine and Veeam Cloud Connect in the Microsoft Azure Cloud.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

The HP utility "HP Lights-Out Online Configuration Utility for Windows Server 2003/2008" could be of great use when it comes to remotely configure a HP servers ILO WITHOUT rebooting the server. We would only need to create and run scripts using thi…
Many of us need to configure DHCP server(s) in their environment. We can do that simply via DHCP console on server or using MMC snap-in on each computer with Administrative Tools installed in a network. But what if we have to configure many DHCP ser…
Sometimes it takes a new vantage point, apart from our everyday security practices, to truly see our Active Directory (AD) vulnerabilities. We get used to implementing the same techniques and checking the same areas for a breach. This pattern can re…
In response to a need for security and privacy, and to continue fostering an environment members can turn to for support, solutions, and education, Experts Exchange has created anonymous question capabilities. This new feature is available to our Pr…
Suggested Courses

604 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question