Home > IT Answers > Windows Server > How can I set auditing for having log of administrators logon on DC’s………..
Aliyani
265 pts.
 How can I set auditing for having log of administrators logon on DC’s………..
Domain Controller, Domain management, Windows Server 2003
Hi , How can I set auditing in for DCs that can create some logs for every users that have administrator permision and they make changes on DCs!!??? My domain is win server 2003. Thank you. ----- Regards Mahnaz

Software/Hardware used:
ASKED: February 20, 2008  9:23 AM
UPDATED: February 20, 2008  10:33 PM
RELATED QUESTIONS
Answer Wiki:
You can audit logon events to the servers which will log into the security log on the DC every time a user logs onto the domain controller.
Last Wiki Answer Submitted:  February 20, 2008  10:33 pm  by  Denny Cherry   64,520 pts.
All Answer Wiki Contributors:  Denny Cherry   64,520 pts.
To see all answers submitted to the Answer Wiki: View Answer History.


RSS - Discussions Help
Discuss This Question:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

 

I don’t have an exact answer but here are some ideas:

First you should enforce and effective Change Management Process within your org:
http://searchwinit.techtarget.com/tip/0,289483,sid1_gci1295304,00.html

When you login to windows, it records the login in the Event Log. You could then setup Event Log Monitoring with a 3rd party program to alert you when administrators log in.

For AD monitoring:

Scriptlogic makes a program to track all changes in AD
http://www.scriptlogic.com/products/activeadmin/

In Windows Server 2008, there is auditing of AD
http://technet2.microsoft.com/windowsserver2008/en/library/a9c25483-89e2-4202-881c-ea8e02b4b2a51033.mspx?mfr=true

Tbitner
 510 pts.