Solved

Query AD user objects to report the samaccountname that was initially used to create user objects

Posted on 2013-11-14
4
372 Views
Last Modified: 2013-12-20
I would like to know if there is a query (preferably csvde command line) to report the samaccountname that was initially used to create user objects. Thank you
0
Comment
Question by:h2zero
  • 2
4 Comments
 
LVL 57

Accepted Solution

by:
Mike Kline earned 500 total points
ID: 39649025
Unfortunately  there is no attribute for whocreated  if you have old security logs and have auditing turned on you could look through those.

THanks

Mike
0
 
LVL 16

Expert Comment

by:gurutc
ID: 39649085
You can find out if you're lucky.  If you do backups of your DC and include the Security Log you can restore that log from backup for the day the user object was created.  If your logs don't roll over too quickly you may be able to find the userid object creation event.

This is the only way you'd be able to find this info out at this point

And it wouldn't be a report, it'd be one at a time.

Good Luck,
- gurutc
0
 

Author Comment

by:h2zero
ID: 39649100
What if I have a report of specific user object's samaccountname is there an ADSI query or edit that can be run against those samaccountnames to determine which samaccountname was initially used to create? Thank you
0
 
LVL 16

Expert Comment

by:gurutc
ID: 39649164
There isn't an ADSI query that will do what you need.  There's no attribute in AD for 'userid object creator.'  The only place that ever records the creation of a userid object is the Security Log, which rolls over too quickly to help most of the time.

Sorry to tell you that.

- gurutc
0

Featured Post

Problems using Powershell and Active Directory?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Find out how to use Active Directory data for email signature management in Microsoft Exchange and Office 365.
Is your Office 365 signature not working the way you want it to? Are signature updates taking up too much of your time? Let's run through the most common problems that an IT administrator can encounter when dealing with Office 365 email signatures.
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …
This video shows how to use Hyena, from SystemTools Software, to bulk import 100 user accounts from an external text file. View in 1080p for best video quality.

813 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

16 Experts available now in Live!

Get 1:1 Help Now