Hi joe...I've seen you make this reference in the past and can't remember if you've elaborated on it as well (sorry for not searching - feel free to refer me...getting late here). Since we use the same idea mentioned by Diane below, but *do* use LDAP as the method...
...should we be using "net user" [or some distant cousin of it] additionally to catch memberships not returned by LDAP? Was that it? Thanks! -DaveC -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of joe Sent: Thursday, October 06, 2005 8:24 PM To: [email protected] Subject: RE: [ActiveDir] Modifying Domain Admins & Administrators Group How does it work? Do you use LDAP to look at the membership? If so, you probably have a whole in the implementation. -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Ayers, Diane Sent: Thursday, October 06, 2005 2:20 PM To: [email protected] Subject: RE: [ActiveDir] Modifying Domain Admins & Administrators Group We run a simple process that monitors the members of elevated privilege groups. Any changes trigger a notification. Doesn't address the prevention but will allow you to capture the occurrence and deal with it appropriately. Diane -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Devan Pala Sent: Thursday, October 06, 2005 10:00 AM To: [email protected] Subject: [ActiveDir] Modifying Domain Admins & Administrators Group Hi, We have about 7 domain administrators in a particular child domain. I just found out someone added the DBA Group to part of the Administrators group in this domain. Not necessary, not required nor is it a policy. Event logs have obviously been overwritten therefore I would like to know the simplest method to avoid this scenario from ever happening again. What are my options? Thank you so much. List info : http://www.activedir.org/List.aspx List FAQ : http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/List.aspx List FAQ : http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/List.aspx List FAQ : http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ ----------------------------------------------------------------- Visit our Internet site at http://www.reuters.com To find out more about Reuters Products and Services visit http://www.reuters.com/productinfo Any views expressed in this message are those of the individual sender, except where the sender specifically states them to be the views of Reuters Ltd. List info : http://www.activedir.org/List.aspx List FAQ : http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
