Solved

Checking user added and removed from administrator group in windows

Posted on 2009-05-14
2
266 Views
Last Modified: 2012-05-07
Hi,
I'm looking for method that we can trace previous removed and added user in windows administrator group, will this be possible to trace?
0
Comment
Question by:motioneye
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 
LVL 15

Expert Comment

by:Rob Stone
ID: 24393636
You might want to look into the windows auditing features.

Depending on what level you are looking at you will need some extensive space for log files though.
0
 
LVL 11

Accepted Solution

by:
Dmitriy Ilyin earned 500 total points
ID: 24393639
Easy way to monitor this with mail.
all you needed it's
1. PowerShell - http://www.microsoft.com/windowsserver2003/technologies/management/powershell/default.mspx
2. Powershell extension - http://www.quest.com/activeroles-server/arms.aspx
3. Script
4. Sheduled task.

Script you can find below.
Get-QADGroupMember -Identity "Domain admins" | FT Name > C:\members.txt
 
###change the mail message values in this section
$FromAddress = "Administrator@**.**"
$ToAddress = "D.Ilyin@**.**"
$MessageSubject = "Group Membership Report"
$MessageBody = "Attached is the current list of mailbox sizes."
$SendingServer = "srvex1.**.**"
 
###Create the mail message and add the text file as an attachment
$SMTPMessage = New-Object System.Net.Mail.MailMessage $FromAddress, $ToAddress, $MessageSubject, $MessageBody
$Attachment = New-Object Net.Mail.Attachment("c:\members.txt")
Start-Sleep -s 5
$SMTPMessage.Attachments.Add($Attachment)
 
###Send the message
$SMTPClient = New-Object System.Net.Mail.SMTPClient $SendingServer
$SMTPClient.Send($SMTPMessage)

Open in new window

0

Featured Post

Free Tool: Path Explorer

An intuitive utility to help find the CSS path to UI elements on a webpage. These paths are used frequently in a variety of front-end development and QA automation tasks.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Log files are useful in diagnosing and repairing problems.  This is a list of common log files and their standard locations that I've compiled.   While this is not exhaustive, it is a pretty good list that I've found to be useful.  I may update it f…
The password reset disk is often mentioned as the best solution to deal with the lost Windows password problem. In Windows 2008, 7, Vista and XP, a password reset disk can be easily created. But besides Windows 7/Vista/XP, Windows Server 2008 and ot…
Windows 8 comes with a dramatically different user interface known as Metro. Notably missing from the new interface is a Start button and Start Menu. Many users do not like it, much preferring the interface of earlier versions — Windows 7, Windows X…
With the advent of Windows 10, Microsoft is pushing a Get Windows 10 icon into the notification area (system tray) of qualifying computers. There are many reasons for wanting to remove this icon. This two-part Experts Exchange video Micro Tutorial s…

688 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question