Solved

automate notification for disable user account in AD

Posted on 2016-10-05
4
37 Views
Last Modified: 2016-10-06
We run Windows Server 8 R2 with Exchange 2010. Is there a script to get notification  as soon as the user go into disabled status in AD?
0
Comment
Question by:TreeRootHD
  • 2
4 Comments
 
LVL 40

Accepted Solution

by:
Subsun earned 250 total points
ID: 41829881
If you are talking about alert for any disabled user account, better enable active directory auditing and create a alert for  Security log for event ID’s 4725 (User Account Management task category).

Set email alert   for an event  
https://blogs.technet.microsoft.com/jhoward/2010/06/16/getting-event-log-contents-by-email-on-an-event-log-trigger/

If you are trying to monitor a single user, then PowerShell script is better option..
0
 
LVL 54

Assisted Solution

by:McKnife
McKnife earned 250 total points
ID: 41829900
Setup a scheduled task on all of your DCs that uses event triggers. When account management is audited at the DCs, an event is logged to their security event logs. You can define an action that notifies you very simple using powershell mailing.

Steps:
1 create and right away disable a test account
2 open the DC's eventvwr and in it, the security log. Search for the username (1) so you'll find the event number and all.
3 create a task that gets triggered by this event and sends you the event (2) as body

If you need further help, just say

Edit: sorry subsun... just got distracted while writing and now yours was there, first.
0
 
LVL 40

Expert Comment

by:Subsun
ID: 41829928
No worries :-)
0
 

Author Closing Comment

by:TreeRootHD
ID: 41832020
That worked well. Thank you both.
0

Featured Post

Does Powershell have you tied up in knots?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Last week, our Skyport webinar on “How to secure your Active Directory” (https://www.experts-exchange.com/videos/5810/Webinar-Is-Your-Active-Directory-as-Secure-as-You-Think.html) provided 218 attendees with a step-by-step guide for identifying Acti…
The following article is intended as a guide to using PowerShell as a more versatile and reliable form of application detection in SCCM.
This tutorial will show how to configure a new Backup Exec 2012 server and move an existing database to that server with the use of the BEUtility. Install Backup Exec 2012 on the new server and apply all of the latest hotfixes and service packs. The…
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles to another domain controller. Log onto the new domain controller with a user account t…

785 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question