We use Netpro Change auditor for this and love it! Allows me to track changes such as these as well as many others without having to turn up all the logging. There is a long list of other change types we monitor with it (send me a direct email and I can share with you a PDF list of them if you are interested) Price is reasonable and lets use see changes to DNS, Exchange and many others that normally wouldn't log to the security log even if all auditing was cranked up to the max. The reporting side of it is a huge plus, lets me report changes to all groups in an OU for example, or lets me pick and choose what ones I want to alert or report changes on. We use it for example to send alerts to teams who want to know if one of their groups change (without seeing all the group changes). It also shows nested group changes as well as before and after values on attributes (even custom ones you have added to AD. Kevin Willenborg Lead Directory Services AIT (AEGON Information Technology) Phone (319) 355-6597 Nextel (319) 533-7851 Email: [EMAIL PROTECTED] <blocked::blocked::mailto:[EMAIL PROTECTED]>
Real integrity is doing the right thing, knowing that nobody's going to know whether you did it or not. CONFIDENTIALITY NOTICE The documents accompanying this transmission contain information belonging to the Sender which is legally privileged and confidential. The information is intended only for the use of the individual or entity named above. If the reader of this message is not the intended recipient, you are hereby notified that any disclosure, dissemination, distribution, copying, or the taking of any action in reliance on the contents of this information is strictly prohibited. If you have received this communication in error, please notify the sender immediately. ________________________________ From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Sent: Thursday, April 10, 2008 9:53 AM To: Active Directory Admin Issues Subject: Tracking Admin Changes Is there anyway to track what changes where made to user's accounts, etc., in AD? For example, if a user was removed from being a member of a group, but was put back in, is there a way to tell who did it? Thanks... Troy Adkins Network Administrator Virginia House of Delegates 804.698.1567 (O) 804.771.7917 (F) ~ NEW: CounterSpy Enterprise: Centralized Antispyware - #1 in eWEEK Test! ~ ~ ~ ~ NEW: CounterSpy Enterprise: Centralized Antispyware - #1 in eWEEK Test! ~ ~ <http://www.sunbelt-software.com/product.cfm?id=400> ~
