How can I set auditing for having log of administrators logon on DC’s………..

265 pts.
Tags:
Domain Controller
Domain management
Microsoft Windows Server 2003
Hi , How can I set auditing in for DCs that can create some logs for every users that have administrator permision and they make changes on DCs!!??? My domain is win server 2003. Thank you. ----- Regards Mahnaz

Answer Wiki

Thanks. We'll let you know when a new response is added.

You can audit logon events to the servers which will log into the security log on the DC every time a user logs onto the domain controller.

Discuss This Question: 1  Reply

 
There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when members answer or reply to this question.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
  • Tbitner
    I don't have an exact answer but here are some ideas: First you should enforce and effective Change Management Process within your org: http://searchwinit.techtarget.com/tip/0,289483,sid1_gci1295304,00.html When you login to windows, it records the login in the Event Log. You could then setup Event Log Monitoring with a 3rd party program to alert you when administrators log in. For AD monitoring: Scriptlogic makes a program to track all changes in AD http://www.scriptlogic.com/products/activeadmin/ In Windows Server 2008, there is auditing of AD http://technet2.microsoft.com/windowsserver2008/en/library/a9c25483-89e2-4202-881c-ea8e02b4b2a51033.mspx?mfr=true
    510 pointsBadges:
    report

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to:

To follow this tag...

There was an error processing your information. Please try again later.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Thanks! We'll email you when relevant content is added and updated.

Following