Active Directory Audit logs

G

Guest

My domain is managed by higher level authority. I have OU administration. I
need to request that event data related to my OU be segregated from the rest
of the domain audit data for me to capture with my SIM product. I do not see
how that is possible without complex scripting against the event log data.
Am I missing something?
 
S

Simon Geary

What events are you wanting to monitor? Most logging of account related
events (logon, logoff etc) is done on the default domain controllers OU so
it wouldn't be a simple task to pluck your users data out of this.
 
G

Guest

Accout logon events, account management, directory service access (for SACL
protected objects), Logon events, policy change, system events (to capture
audit log cleared at DC)- All for events related to my OU only. That is the
dilema. I cannot ask for event logs of the entire domain because of data
ownership issues (other OUs). So...Knee pads and a solution to recommend
globally is what I need.
 
R

Ryan Hanisco

Yeah.. you're stuck on this one without complicated scripting.

The higher level admin might be able to hand you filtered event logs but
there is nothing automated.
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

Active Directory Audit Logs 1
Active Directory Policy Inheritence 1
Location of User Account in Active Directory - OU or top level? 1
getting knocked off the 2003 active directory 1
Anonymous Enumeration: a serious threat to Active Directory 12
Active Directory installation problems 3
Error after active directory installation 1
Active Directory 1

Top