Solved

Tracing back where the Domain & Enterprise Administrator account is used ?

Posted on 2014-10-21
5
173 Views
Last Modified: 2014-10-30
Hi,

Is there any way to trace back where the Domain & Enterprise Administrator account is used in an AD domain ?

I need to get the list of where it is used before I rename the AD account and change the password in my company.

Any help would be greatly appreciated.

Thanks
0
Comment
  • 2
  • 2
5 Comments
 
LVL 19

Assisted Solution

by:Miguel Angel Perez Muñoz
Miguel Angel Perez Muñoz earned 167 total points
ID: 40394455
0
 
LVL 9

Accepted Solution

by:
dlb6597 earned 333 total points
ID: 40394477
you can also check the lastlogon attribute for the accounts to see the last time they were used.
you can dump out the services for each server to make sure the accounts aren't being used to run services.
One last resort (if you aren't in a critical environment) is to temporarily disable each account and see who calls.
0
 
LVL 7

Author Comment

by:Senior IT System Engineer
ID: 40394496
Somehow the active directory functionality level is still on Windows Server 2003. So does that feature still available ?

I don't have SCCM in the domain.
0
 
LVL 9

Assisted Solution

by:dlb6597
dlb6597 earned 333 total points
ID: 40394507
not sure which functionality you are specifically referring to, but both auditing and the lastlogon information are available in 2003.
0
 
LVL 7

Author Comment

by:Senior IT System Engineer
ID: 40394515
Ok so what's the powershell script to query that on each AD DC servers ?
0

Featured Post

Maximize Your Threat Intelligence Reporting

Reporting is one of the most important and least talked about aspects of a world-class threat intelligence program. Here’s how to do it right.

Join & Write a Comment

In this previous article (https://oddytee.wordpress.com/2016/05/05/provision-new-office-365-user-and-mailbox-from-exchange-hybrid-via-powershell/), we made basic license assignments to users in O365. When I say basic, the method is the simplest way …
I thought I'd write this up for anyone who has a request to create an anonymous whistle-blower-type submission form created using SharePoint 2010 (this would probably work the same for 2013). It's not 100% fool-proof but it's as close as you can get…
In this Micro Tutorial viewers will learn how they can get their files copied out from their unbootable system without need to use recovery services. As an example non-bootable Windows 2012R2 installation is used which has boot problems.
This tutorial will walk an individual through the process of installing the necessary services and then configuring a Windows Server 2012 system as an iSCSI target. To install the necessary roles, go to Server Manager, and select Add Roles and Featu…

706 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

20 Experts available now in Live!

Get 1:1 Help Now