We help IT Professionals succeed at work.

How do I find out who changed a password.

hamiltonitdept
on
6,379 Views
Last Modified: 2013-12-04
User Account Changed:
 I have looked in the security event viewer for Eventid 642 and this is the result. The User is NT AUTHORITY\ANONYMOUS LOGON       

Target Account Name:      MyAccount
       Target Domain:      Mydomain
       Target Account ID:      MyDomain\MyAccount
       Caller User Name:      ANONYMOUS LOGON
       Caller Domain:      NT AUTHORITY
       Caller Logon ID:      (0x0,0x376F31CA)
       Privileges:      -
 Changed Attributes:
       Sam Account Name:      -
       Display Name:      -
       User Principal Name:      -
       Home Directory:      -
       Home Drive:      -
       Script Path:      -
       Profile Path:      -
       User Workstations:      -
       Password Last Set:      10/5/2007 12:09:50 PM
       Account Expires:      -
       Primary Group ID:      -
       AllowedToDelegateTo:      -
       Old UAC Value:      -
       New UAC Value:      -
       User Account Control:      -
       User Parameters:      -
       Sid History:      -
       Logon Hours:      -

I am trying to track down either the computer os user who made this change.

Thanks
Comment
Watch Question

Commented:
Unlock this solution and get a sample of our free trial.
(No credit card required)
UNLOCK SOLUTION
hamiltonitdeptSenior Network Engineer

Author

Commented:
It is a domain user
Commented:
Unlock this solution and get a sample of our free trial.
(No credit card required)
UNLOCK SOLUTION
Master of Business Engineering Management
CERTIFIED EXPERT
Commented:
Unlock this solution and get a sample of our free trial.
(No credit card required)
UNLOCK SOLUTION
Unlock the solution to this question.
Thanks for using Experts Exchange.

Please provide your email to receive a sample view!

*This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

OR

Please enter a first name

Please enter a last name

8+ characters (letters, numbers, and a symbol)

By clicking, you agree to the Terms of Use and Privacy Policy.