Solved

How to audit changes to AD objects/accounts?

Posted on 2014-04-11
3
352 Views
Last Modified: 2014-05-02
Experts,

What is the best practice to determine who made permission changes to an AD object? I know the account and have a general time frame of when the chance was made.

Thank you very much!
0
Comment
Question by:grindsmygeaqrs
3 Comments
 
LVL 13

Expert Comment

by:Santosh Gupta
ID: 39994530
Hi,

Please see the below link for best practice to determine who made permission changes to an AD object.
http://blog.pluralsight.com/windows-server-2008-auditing-active-directory
0
 
LVL 17

Expert Comment

by:Brad Bouchard
ID: 39995016
0
 
LVL 24

Accepted Solution

by:
Sandeshdubey earned 500 total points
ID: 39995765
Refer below link to enable auditing.

AD DS Auditing Step-by-Step Guide:
http://technet.microsoft.com/en-us/library/cc731607(v=ws.10).aspx

HOW TO: Audit Active Directory Objects in Windows Server 2003
http://support.microsoft.com/kb/814595

Apart from the auditing, you can use third party tools like Quest and Ntewrix to find out WHO changed WHAT, WHEN, and WHERE to list additions, deletions, and modifications made to Active Directory users, groups, computers, OUs, group memberships.
 
NetWrix tool : http://www.netwrix.com/active_directory_change_reporting_freeware.html
 
Quest: http://www.quest.com/changeauditor-for-active-directory/
0

Featured Post

Efficient way to get backups off site to Azure

This user guide provides instructions on how to deploy and configure both a StoneFly Scale Out NAS Enterprise Cloud Drive virtual machine and Veeam Cloud Connect in the Microsoft Azure Cloud.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article explains the steps required to use the default Photos screensaver to display branding/corporate images
Most MSPs worth their salt are already offering cybersecurity to their customers. But cybersecurity as a service is wide encompassing and can mean many things.  So where are MSPs falling in this spectrum?
To efficiently enable the rotation of USB drives for backups, storage pools need to be created. This way no matter which USB drive is installed, the backups will successfully write without any administrative intervention. Multiple USB devices need t…
This video shows how to use Hyena, from SystemTools Software, to bulk import 100 user accounts from an external text file. View in 1080p for best video quality.

685 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question