Auditing for account or group creation priviledge



How can a user or group access privilege escalation for account or group
creation can be audited and reported with the Windows 2003 active directory.

Even with all auditing enabled It only shows event id 566 as the only
significant event with little info as below. It doesn't display the user or
group being granted acccess for and/or access to

Accesses: WRITE_DAC


Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question