Event log not logging account creations in Exchange server.

When i create a new user account on either of my 2 domain controllers it creates event ID 624 and 626. However if i create the account on my Mail server the account creates just fine but it is not creating those 2 event ID's in the logs. any ideas why?
tkthelpdeskAsked:
Who is Participating?

Improve company productivity with a Business Account.Sign Up

x
 
sunnyc7Commented:
I am not sure if there is anyway you can log new account creation.
You can crank up diagnostic logging in Exchange 2003 to monitor all logons

Admin Groups
Domain Name
Servers
SERVERNAME
> right click properties
diagnostic logging tab
expand msexchangeIS

Sembee (Exchange MVP) also said so here
http://www.petri.co.il/forums/showthread.php?t=20203
0
 
tkthelpdeskAuthor Commented:
Why does it create the event ID's fine on my DC's?
0
Get 10% Off Your First Squarespace Website

Ready to showcase your work, publish content or promote your business online? With Squarespace’s award-winning templates and 24/7 customer service, getting started is simple. Head to Squarespace.com and use offer code ‘EXPERTS’ to get 10% off your first purchase.

 
sunnyc7Commented:
Are you creating accounts in your mail server using ADUC ?
0
 
tkthelpdeskAuthor Commented:
Yes.
0
 
tkthelpdeskAuthor Commented:
Guess i could create the account on the DC and then go to the mail server and create a mailbox to it? Just adds a step.
0
 
tkthelpdeskAuthor Commented:
My auditing for AD is correct as is obvious because the event ID's are needed when i create them on the domain controllers. My problem is not answered in these areticles as to why they do not create in my Mail server logs
0
 
sunnyc7Commented:
Will wait for others to post.
0
 
tkthelpdeskAuthor Commented:
ok figured it out....kinda. My Mail server was authentcating to DC2 so when i created account, nothing was showing up in logs of DC2 (i read an artice that said because account is really being created in AD not on Mail server it wont show up in mail logs). When i forced the mail server to authenticate onto DC1 the files apear in DC1 security logs.
0
 
tkthelpdeskAuthor Commented:
Thanks for helping me figure this out.
0
 
sunnyc7Commented:
You're welcome. didnt know that part @ DC2 :)
I am glad it worked out.

thanks for the points.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.