Identifying the creator of an Active Directory User

B

bduthie

This is a weird one. Recently a new active directory
user "appeared" in our ad database. None of our
administrators claim to have created this object. There is
a created date, but we want to identify how this object
could get here without actually creating it manually. Is
there a way to identify the creation person or method of
creations for this object.

Thanks in advance,

Bruce
 
J

Joe Richards [MVP]

Unless you have logging enabled you are pretty much hosed. You can try looking at the ACLs to see if there is the ACL of
a specific person tacked onto it but if everyone is a full administrator, it is just going to show administrators, not a
specific person.

This is why you shouldn't have but maybe 3 full admins tops. We support 400 domain controllers around the world with
250,000 userids, 150,000 contacts hundreds of thousands of machines and have 3 full admins, everyone else has delegated
rights.
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

Windows Server What can Active Directory Do? 6
connecting problem in vb.net with ldap to active directory 4
cleaning up Active Directory 8
Last user login information differs on Active Directory Servers 5
Identifying empty Active Directory attributes 1
removing user from Active directory 1
Active Directory Corruption 2
Active Directory User Accounts 1

Top