<div>
they're all listed as 'not defined' so I guess they haven't been turned on.<br />
<br />
Is the one for &quot;Audit directory service access&quot; the one that will show deletions and where does it show up in then event logs?
</div>


they're all listed as 'not defined' so I guess they haven't been turned on.

Is the one for "Audit directory service access" the one that will show deletions and where does it show up in then event logs?

<div>
okay, I think I found it. <br />
<br />
I think it's the &quot;Audit Account Management&quot; one but it says the default is to log success on Domain Controllers so that means if someone deleted the account I should have a success audit saying so
</div>


okay, I think I found it.

I think it's the "Audit Account Management" one but it says the default is to log success on Domain Controllers so that means if someone deleted the account I should have a success audit saying so

<div>
yeah, if I knew which part of the tree it's showing up in that would be good so a picture might help. :)
</div>


yeah, if I knew which part of the tree it's showing up in that would be good so a picture might help. :)

<div>
It would be in the security log on the DC.
</div>


It would be in the security log on the DC.

<div>
okay, that's the one I'm looking through now<br />

</div>


okay, that's the one I'm looking through now


<div>
<div class="content wysiwyg-content">
I have the basic auditing on our Domain Controller running server 2008. Someone deleted a couple of groups and I need to find out who. <br />
<br />
How can I find out who removed those groups in Active Directory?
</div>
</div>


I have the basic auditing on our Domain Controller running server 2008. Someone deleted a couple of groups and I need to find out who. 

How can I find out who removed those groups in Active Directory?

find out who deleted a group in AD (2008)

Active Directory (AD) is a Microsoft brand for identity-related capabilities. In the on-premises world, Windows Server AD provides a set of identity capabilities and services, and is hugely popular (88% of Fortune 1000 and 95% of enterprises use AD). This topic includes all things Active Directory including DNS, Group Policy, DFS, troubleshooting, ADFS, and all other topics under the Microsoft AD and identity umbrella.

Active Directory

Windows Server 2008 and Windows Server 2008 R2, based on the Microsoft Vista codebase, is the last 32-bit server operating system released by Microsoft. It has a number of versions, including including Foundation, Standard, Enterprise, Datacenter, Web, HPC Server, Itanium and Storage; new features included server core installation and Hyper-V.