How do I know if new admin account has been created ?

  • Thread starter Thread starter Marlon Brown
  • Start date Start date
M

Marlon Brown

Is there any way that I get notified in case any new domain admin or
administrator account is created in the domain ? I have MOMSP1 deployed, if
that helps.

If there is no way, I guess I could do a logon script that queries Domain
Admins group and sends me a msgbox in case somebody new was added to the
admin groups.
 
Marlon Brown said:
Is there any way that I get notified in case any new domain admin or
administrator account is created in the domain ? I have MOMSP1 deployed, if
that helps.

If there is no way, I guess I could do a logon script that queries Domain
Admins group and sends me a msgbox in case somebody new was added to the
admin groups.
Click to expand...

This doesn't really answer your question, but one thing you can do to help
control the domain admins group is to make it a restricted group via Group
Policy. This way if someone does get added improperly, they will be removed
when the GPO is refreshed.

I'm sure there's a better way, but I would probably just write a script the
dumps the members of the groups you want to monitor and sends the results in
an e-mail. Depending on how paranoid you are you could run this once a
night or something.


matt
 
Back
Top