Solved

I would like to know if there is a way to determine who deleted an OU?

Posted on 2006-07-06
2
249 Views
Last Modified: 2013-12-04
I know a similar question was asked, but I did not find those answers useful. Some logging is turned on. What logging needs to be tunred on to find this information? This morning an OU just dissappeared. We were able to catch it before it replicated to another site, and do an active directory authoritative restore from that DC. But I need to find out how that DC just dissappeared.
0
Comment
Question by:mspolter
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 
LVL 19

Accepted Solution

by:
CoccoBill earned 500 total points
ID: 17057462
You need to be auditing success events for "Audit directory service access" to catch it, and of course the person deleting the OU needs to have used a personal user account.

For more info about auditing have a look at the Threats and countermeasures guide, chapter 3:

http://www.microsoft.com/technet/security/topics/Serversecurity/tcg/tcgch00.mspx
0

Featured Post

Get 15 Days FREE Full-Featured Trial

Benefit from a mission critical IT monitoring with Monitis Premium or get it FREE for your entry level monitoring needs.
-Over 200,000 users
-More than 300,000 websites monitored
-Used in 197 countries
-Recommended by 98% of users

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Recently, I read that Microsoft has analysed statistics for their security intelligence report. It revealed: still, the clear majority of windows users do their daily work as administrator. An administrative account is a burden, security-wise. My ar…
Our Group Policy work started with Small Business Server in 2000. Microsoft gave us an excellent OU and GPO model in subsequent SBS editions that utilized WMI filters, OU linking, and VBS scripts. These are some of experiences plus our spending a lo…
In this video, viewers will be given step by step instructions on adjusting mouse, pointer and cursor visibility in Microsoft Windows 10. The video seeks to educate those who are struggling with the new Windows 10 Graphical User Interface. Change Cu…
If you’ve ever visited a web page and noticed a cool font that you really liked the look of, but couldn’t figure out which font it was so that you could use it for your own work, then this video is for you! In this Micro Tutorial, you'll learn yo…

696 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question