automate notification for disable user account in AD
We run Windows Server 8 R2 with Exchange 2010. Is there a script to get notification as soon as the user go into disabled status in AD?
Do more with
EXPERT OFFICE® is a registered trademark of EXPERTS EXCHANGE®
If you are talking about alert for any disabled user account, better enable active directory auditing and create a alert for Security log for event ID’s 4725 (User Account Management task category).
Set email alert for an event
https://blogs.technet.microsoft.com/jhoward/2010/06/16/getting-event-log-contents-by-email-on-an-event-log-trigger/
If you are trying to monitor a single user, then PowerShell script is better option..
Set email alert for an event
https://blogs.technet.microsoft.com/jhoward/2010/06/16/getting-event-log-contents-by-email-on-an-event-log-trigger/
If you are trying to monitor a single user, then PowerShell script is better option..
Setup a scheduled task on all of your DCs that uses event triggers. When account management is audited at the DCs, an event is logged to their security event logs. You can define an action that notifies you very simple using powershell mailing.
Steps:
1 create and right away disable a test account
2 open the DC's eventvwr and in it, the security log. Search for the username (1) so you'll find the event number and all.
3 create a task that gets triggered by this event and sends you the event (2) as body
If you need further help, just say
Edit: sorry subsun... just got distracted while writing and now yours was there, first.
Steps:
1 create and right away disable a test account
2 open the DC's eventvwr and in it, the security log. Search for the username (1) so you'll find the event number and all.
3 create a task that gets triggered by this event and sends you the event (2) as body
If you need further help, just say
Edit: sorry subsun... just got distracted while writing and now yours was there, first.
Premium Content
You need an Expert Office subscription to comment.Start Free Trial