Active Directory audits

  • Thread starter Thread starter JC
  • Start date Start date
J

JC

Is there a way to have all the information about all (or some of) the
changes/insertions performed in Active Directory (W2000), such as user or
group operations? Some information is stored in the OS "Event Log", but the
information is not enough, because most of times only a few attribute values
is shown there (for example, the user logon old/new value is not show show
when it is changed.

What I need to be able to do is to have all the history of values for some
attributes such as the user login, group names, group members, etc. Is this
possible?

Thanks,
Juan Carlos
 
JC said:
Is there a way to have all the information about all (or some of) the
changes/insertions performed in Active Directory (W2000), such as user or
group operations? Some information is stored in the OS "Event Log", but the
information is not enough, because most of times only a few attribute values
is shown there (for example, the user logon old/new value is not show show
when it is changed.

What I need to be able to do is to have all the history of values for some
attributes such as the user login, group names, group members, etc. Is this
possible?

Thanks,
Juan Carlos
Click to expand...

Have you turned on auditing yet for directory service access and account
management?
 
Thanks for your answer.

Yes I do. And I've turned on also the audits for the specific objects in
Active Directory. The events generated in the "Event log" are account events
and "directory service" events when the objects are accessed.

But what I cant get from the event log is for example (I'm particularly
interested in this) the new value when a user's login is changed. The
information about what attributes were modified is written in the log, but
not the value of the attributes. For some properties (such as the user
"name") it is shown, but for others (many) not.
I want to know if there is a way to get/track this
information/modifications.

I'm using Windows 2000. I may use Windows 2003 if this worked in that OS,
but I've got no information out there about this in Windows 2003.

Thanks a lot,

Juan Carlos
 
Back
Top