<div>
If the user name/password were used by the alleged perpetrator, there is no particular method to differentiate that activity from the valid user. &nbsp; Unless the activity was performed from a different PC that the one the actual user uses daily
</div>


If the user name/password were used by the alleged perpetrator, there is no particular method to differentiate that activity from the valid user.   Unless the activity was performed from a different PC that the one the actual user uses daily

<div>
&gt;Unless the activity was performed from a different PC that the one the actual user uses daily <br />
<br />
We beleive so.
</div>


>Unless the activity was performed from a different PC that the one the actual user uses daily

We beleive so.

<div>
<div class="content wysiwyg-content">
I need some sort of general brain storming from you experts around user activity. Essentially there is a (slight/potential) allegation someone may have compromised another users domain username/password and logged into the domain from a PC with those credentials. In terms of “what they did” with that account what areas would you look to for clues, I could do with just a top 5 areas you’d review to see what kind of activity took place. Internet activity is the obvious but potentially many many more. If of any use the machines are XP.
</div>
</div>


I need some sort of general brain storming from you experts around user activity. Essentially there is a (slight/potential) allegation someone may have compromised another users domain username/password and logged into the domain from a PC with those credentials. In terms of “what they did” with that account what areas would you look to for clues, I could do with just a top 5 areas you’d review to see what kind of activity took place. Internet activity is the obvious but potentially many many more. If of any use the machines are XP.

User activity groups

Microsoft Windows XP is the sixth release of the NT series of operating systems, and was the first to be marketed in a variety of editions: XP Home and XP Professional, designed for business and power users. The advanced features in XP Professional are generally disabled in Home Edition, but are there and can be activated. There were two 64-bit editions, an embedded edition and a tablet edition.

Windows XP

Active Directory (AD) is a Microsoft brand for identity-related capabilities. In the on-premises world, Windows Server AD provides a set of identity capabilities and services, and is hugely popular (88% of Fortune 1000 and 95% of enterprises use AD). This topic includes all things Active Directory including DNS, Group Policy, DFS, troubleshooting, ADFS, and all other topics under the Microsoft AD and identity umbrella.

Active Directory

The Microsoft Server topic includes all of the legacy versions of the operating system, including the Windows NT 3.1, NT 3.5, NT 4.0 and Windows 2000 and Windows Home Server versions.