以编程方式访问在AD中进行更改的人员和来源 [英] Programatically Accessing who and fromWhere the changes are made in AD

问题描述

嗨

在我的项目中，我需要跟踪AD中所做的更改.我们需要跟踪 进行更改的人的姓名以及IP的IP 机器从更改中进行.

我的研究表明，所有这些信息都在安全日志中，但是 我们需要在DC上启用登录/注销审核策略"以获取所有这些信息 信息.启用此选项将生成许多安全事件.

还有另一种审计AD更改的方法，即.通过注册到 更改广告的通知.但这并不能给谁做出改变 以及从什么机器上来的.

如果找到这个，可以使用ADSI等之类的方法来帮助我吗?

我不想梳理审核日志以获取信息.

Ankit

Hi

In my project I need to track changes made in AD. Our need is to track the name of the person who made the change and also the IP of the machine from the changes are made.

My research tell that all this information come in Security logs , but we need to enable the LogOn/LogOff Audit Policy on DC to get all this information. Enabling this will generate lot of security events.

There is another way to audit the AD changes , ie. by registering to Change notifications of AD. But this does not give who made the change and from what machine.

Can any one help me out ,if finding this , using anything like ADSI etc...

I do not want to comb audit logs to get the information.

Ankit

推荐答案

Microsoft TechNet >之一中. 论坛首页> Windows Server > 目录服务位于此处: http://social.technet.microsoft.com/Forums/zh-CN/winserverDS/threads/.

Thank you for your post!  I would suggest posting your question in one of the Microsoft TechNet > Forums Home > Windows Server > Directory Services located here:  http://social.technet.microsoft.com/Forums/en-US/winserverDS/threads/.

这篇关于以编程方式访问在AD中进行更改的人员和来源的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！