Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

automate notification for disable user account in AD

Posted on 2016-10-05
4
Medium Priority
?
80 Views
Last Modified: 2016-10-06
We run Windows Server 8 R2 with Exchange 2010. Is there a script to get notification  as soon as the user go into disabled status in AD?
0
Comment
Question by:TreeRootHD
  • 2
4 Comments
 
LVL 40

Accepted Solution

by:
Subsun earned 1000 total points
ID: 41829881
If you are talking about alert for any disabled user account, better enable active directory auditing and create a alert for  Security log for event ID’s 4725 (User Account Management task category).

Set email alert   for an event  
https://blogs.technet.microsoft.com/jhoward/2010/06/16/getting-event-log-contents-by-email-on-an-event-log-trigger/

If you are trying to monitor a single user, then PowerShell script is better option..
0
 
LVL 57

Assisted Solution

by:McKnife
McKnife earned 1000 total points
ID: 41829900
Setup a scheduled task on all of your DCs that uses event triggers. When account management is audited at the DCs, an event is logged to their security event logs. You can define an action that notifies you very simple using powershell mailing.

Steps:
1 create and right away disable a test account
2 open the DC's eventvwr and in it, the security log. Search for the username (1) so you'll find the event number and all.
3 create a task that gets triggered by this event and sends you the event (2) as body

If you need further help, just say

Edit: sorry subsun... just got distracted while writing and now yours was there, first.
0
 
LVL 40

Expert Comment

by:Subsun
ID: 41829928
No worries :-)
0
 

Author Closing Comment

by:TreeRootHD
ID: 41832020
That worked well. Thank you both.
0

Featured Post

What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Microsoft Office 365 is a subscriptions based service which includes services like Exchange Online and Skype for business Online. These services integrate with Microsoft's online version of Active Directory called Azure Active Directory.
A bad practice commonly found during an account life cycle is to set its password to an initial, insecure password. The Password Reset Tool was developed to make the password reset process easier and more secure.
This tutorial will walk an individual through the steps necessary to install and configure the Windows Server Backup Utility. Directly connect an external storage device such as a USB drive, or CD\DVD burner: If the device is a USB drive, ensure i…
This tutorial will walk an individual through setting the global and backup job media overwrite and protection periods in Backup Exec 2012. Log onto the Backup Exec Central Administration Server. Examine the services. If all or most of them are stop…

885 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question