Solved

Active Directory Event Logs

Posted on 2010-11-10
3
238 Views
Last Modified: 2012-05-10
Hi

One of our System engineers moved a computer into another container in AD, which effected the user rights on aclients machine.

I need to prove that he moved the computer into this container,would  there be a log of this in events logs?

Thanks
0
Comment
Question by:Dan560
  • 2
3 Comments
 
LVL 27

Accepted Solution

by:
KenMcF earned 500 total points
ID: 34100993
AD Auditing would have to be enabled and you can comb through the event logs. You can use eventcomb to go through them



http://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventID=5139
http://support.microsoft.com/kb/814595
http://support.microsoft.com/kb/308471
0
 
LVL 2

Author Comment

by:Dan560
ID: 34101004
Thanks, Would there still be a log of this?
0
 
LVL 27

Expert Comment

by:KenMcF
ID: 34101940
It would all depend if you have logging enabled, how large your security logs are, and fast they roll over. You can use eventcomb to go through.
0

Featured Post

Live: Real-Time Solutions, Start Here

Receive instant 1:1 support from technology experts, using our real-time conversation and whiteboard interface. Your first 5 minutes are always free.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

[b]Ok so now I will show you how to add a user name to the description at login. [/b] First connect to your DC (Domain Controller / Active Directory Server) SET PERMISSIONS FOR SCRIPT TO UPDATE COMPUTER DESCRIPTION TO USERNAME 1. Open Active …
Restoring deleted objects in Active Directory has been a standard feature in Active Directory for many years, yet some admins may not know what is available.
This tutorial will walk an individual through the process of configuring their Windows Server 2012 domain controller to synchronize its time with a trusted, external resource. Use Google, Bing, or other preferred search engine to locate trusted NTP …
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …

813 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

8 Experts available now in Live!

Get 1:1 Help Now