Go Premium for a chance to win a PS4. Enter to Win

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 247
  • Last Modified:

Active Directory Event Logs

Hi

One of our System engineers moved a computer into another container in AD, which effected the user rights on aclients machine.

I need to prove that he moved the computer into this container,would  there be a log of this in events logs?

Thanks
0
Dan560
Asked:
Dan560
  • 2
1 Solution
 
KenMcFCommented:
AD Auditing would have to be enabled and you can comb through the event logs. You can use eventcomb to go through them



http://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventID=5139
http://support.microsoft.com/kb/814595
http://support.microsoft.com/kb/308471
0
 
Dan560Author Commented:
Thanks, Would there still be a log of this?
0
 
KenMcFCommented:
It would all depend if you have logging enabled, how large your security logs are, and fast they roll over. You can use eventcomb to go through.
0

Featured Post

Veeam and MySQL: How to Perform Backup & Recovery

MySQL and the MariaDB variant are among the most used databases in Linux environments, and many critical applications support their data on them. Watch this recorded webinar to find out how Veeam Backup & Replication allows you to get consistent backups of MySQL databases.

  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now