? which part? Met vriendelijke groeten / Kind regards, Ing. Jorge de Almeida Pinto Senior Infrastructure Consultant MVP Windows Server - Directory Services LogicaCMG Nederland B.V. (BU RTINC Eindhoven) ( Tel : +31-(0)40-29.57.777 ( Mobile : +31-(0)6-26.26.62.80 * E-mail : <see sender address>
________________________________
From: [EMAIL PROTECTED] on behalf of Laura A. Robinson
Sent: Tue 2006-12-05 19:44
To: ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir] Is it possible to determine who created an AD object?
Have you tested this?
________________________________
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Almeida
Pinto, Jorge de
Sent: Tuesday, December 05, 2006 12:53 PM
To: ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir] Is it possible to determine who created an AD
object?
If you are member of ADMINISTRATORS directly or indirectly through a
CUSTOM group it will by default list ADMINISTRATORS. Changing the policy lists
the object creator.
If you are member of DOMAIN ADMINS also, it will list DOMAIN
ADMINSâEUR¦. Is this what you mean?
If the latter is the case check with REPADMIN /SHOWOBJMETA on which DC
the object was created (also note the date and time). On the DC that is listed
as the originating DC for the account creation check the security log. If it
concerns SECURITY PRINICIPAL objects you might be lucky if you have configured
Account Management for SUCCESS (also the default if IâEUR(tm)m not mistaken).
If it concerns OTHER objects you are lucky if you have configured directory
service access for SUCCESS (also the default if IâEUR(tm)m not mistaken) AND
you have configured one or more SACLs on objects or Ous with objects that
should be audited
jorge
________________________________
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Laura A.
Robinson
Sent: dinsdag 5 december 2006 18:20
To: ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir] Is it possible to determine who created an AD
object?
I'd say that you should test it. Create and link a policy where you've
set "system objects: default owner for objects created by members of the
administrators group" to "Object creator". Then create a user in AD and check
the ownership.
Laura
________________________________
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of
Almeida Pinto, Jorge de
Sent: Tuesday, December 05, 2006 2:25 AM
To: ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir] Is it possible to determine who
created an AD object?
?
can you explain?
Met vriendelijke groeten / Kind regards,
Ing. Jorge de Almeida Pinto
Senior Infrastructure Consultant
MVP Windows Server - Directory Services
LogicaCMG Nederland B.V. (BU RTINC Eindhoven)
* Tel : +31-(0)40-29.57.777
* Mobile : +31-(0)6-26.26.62.80
* E-mail : <see sender address>
________________________________
From: [EMAIL PROTECTED] on behalf of Laura A. Robinson
Sent: Tue 2006-12-05 01:45
To: ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir] Is it possible to determine who
created an AD object?
Which will have no effect on the ownership of the directory
objects.
Laura
________________________________
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On
Behalf Of Almeida Pinto, Jorge de
Sent: Monday, December 04, 2006 4:17 PM
To: ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir] Is it possible to determine
who created an AD object?
look at the owner....
if it lists ADMINISTRATORS, you might wanna change the
security option in the default DCs GPO which is called: "system objects:
default owner for objects created by members of the administrators group"
Met vriendelijke groeten / Kind regards,
Ing. Jorge de Almeida Pinto
Senior Infrastructure Consultant
MVP Windows Server - Directory Services
LogicaCMG Nederland B.V. (BU RTINC Eindhoven)
* Tel : +31-(0)40-29.57.777
* Mobile : +31-(0)6-26.26.62.80
* E-mail : <see sender address>
________________________________
From: [EMAIL PROTECTED] on behalf of Mitch Reid
Sent: Mon 2006-12-04 21:14
To: ActiveDir@mail.activedir.org
Subject: [ActiveDir] Is it possible to determine who
created an AD object?
?
We had a few user accounts that were deleted and then
recreated and nobody will take responsibility.
I used ADSIedit to verify the creation date/time.
While auditing is enabled, the Security log rolled and
we missed the event (yes I know it's an issue).
Is there a way to see who created the the user object?
Thanks, Mitch.
This e-mail and any attachment is for authorised use by
the intended recipient(s) only. It may contain proprietary material,
confidential information and/or be subject to legal privilege. It should not be
copied, disclosed to, retained or used by, any other party. If you are not an
intended recipient then please promptly delete this e-mail and any attachment
and all copies and inform the sender. Thank you.
--
No virus found in this incoming message.
Checked by AVG Free Edition.
Version: 7.5.430 / Virus Database: 268.15.6/567 -
Release Date: 12/4/2006 7:18 AM
--
No virus found in this outgoing message.
Checked by AVG Free Edition.
Version: 7.5.430 / Virus Database: 268.15.6/567 - Release Date:
12/4/2006 7:18 AM
--
No virus found in this incoming message.
Checked by AVG Free Edition.
Version: 7.5.430 / Virus Database: 268.15.6/567 - Release Date:
12/4/2006 7:18 AM
--
No virus found in this outgoing message.
Checked by AVG Free Edition.
Version: 7.5.430 / Virus Database: 268.15.9/571 - Release Date:
12/5/2006 11:50 AM
--
No virus found in this incoming message.
Checked by AVG Free Edition.
Version: 7.5.430 / Virus Database: 268.15.9/571 - Release Date:
12/5/2006 11:50 AM
--
No virus found in this outgoing message.
Checked by AVG Free Edition.
Version: 7.5.430 / Virus Database: 268.15.9/571 - Release Date: 12/5/2006 11:50
AM
<<winmail.dat>>
