Event log not logging account creations in Exchange server.
When i create a new user account on either of my 2 domain controllers it creates event ID 624 and 626. However if i create the account on my Mail server the account creates just fine but it is not creating those 2 event ID's in the logs. any ideas why?
ASKER
Why does it create the event ID's fine on my DC's?
Are you creating accounts in your mail server using ADUC ?
ASKER
Yes.
ASKER
Guess i could create the account on the DC and then go to the mail server and create a mailbox to it? Just adds a step.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
My auditing for AD is correct as is obvious because the event ID's are needed when i create them on the domain controllers. My problem is not answered in these areticles as to why they do not create in my Mail server logs
Will wait for others to post.
ASKER
ok figured it out....kinda. My Mail server was authentcating to DC2 so when i created account, nothing was showing up in logs of DC2 (i read an artice that said because account is really being created in AD not on Mail server it wont show up in mail logs). When i forced the mail server to authenticate onto DC1 the files apear in DC1 security logs.
ASKER
Thanks for helping me figure this out.
You're welcome. didnt know that part @ DC2 :)
I am glad it worked out.
thanks for the points.
I am glad it worked out.
thanks for the points.
You can crank up diagnostic logging in Exchange 2003 to monitor all logons
Admin Groups
Domain Name
Servers
SERVERNAME
> right click properties
diagnostic logging tab
expand msexchangeIS
Sembee (Exchange MVP) also said so here
http://www.petri.co.il/forums/showthread.php?t=20203