|
Posted by Roger Abell [MVP] on March 30, 2007, 12:04 am
Please log in for more thread options
> On Thu, 29 Mar 2007 10:39:26 -0700, "Roger Abell [MVP]"
>
>>
>>> Although I have done several searches online and through the event
>>> log...
>>>
>>> Is there a way to tell who created a user, and who disabled a user in
>>> Active Directory (2003 native mode). If not who did, how about what
>>> do we need to set in order to tell who will (sometime in the future)
>>
>>Mike
>>
>>You should be getting audit events in the security logs provided
>>that Account Management auditing is enabled. You need to view
>>a consolidated event log from all DCs to really get the picture, as
>>these are logged on the DC where the action was taken.
>>
>>Roger
>>
>
> I'll have to look and see if Account Mgt is audited. I know they have
> auditing enabled, just not exactly what is being tracked as yet. I
> really hate coming in on the tail end of a project, especially one
> with little to no documentation on the setup.
>
> Thanks again Roger. You have always tried to help me every time I
> have posted a question. I appreciate it.
>
> Mike
No problem, thanks.
Your comments reminded me of the sign in the auto shop,
Labor $50/hour I work on it first, $250/hour you work on it first.
Roger
| 
XML Sitemap