I am not looking to log actions to the extreme of a key
logger, just any actions that the user is performing that
may cause a system malfunction. The user is another
administrator that has problems with our management, and I
am looking to cover my butt by logging the actions of the
three people with domain admin rights. Any help would be
appreciated. Thank you
If you haven't done so, enable audit logging on your domain. Have your
security logs written to a folder where only your network security folks can
review (not modify) the logs. Permissions need to be set so that admins
cannot modify/delete/overwrite logs. Filter logs for specific user account
you're trying to monitor.
Here some reading that might help get you started(?):
Want to reply to this thread or ask your own question?
You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.