tags:

views:

50

answers:

2
Q: 

Help Required on track active directory changes

I am going to write a small software to track active directory changes. I need an expert opinion from you. I want to display information about What ( with before and after values), When, Where and Who of any change in AD. I am going to implement this by one of the following way 1. Change Notification Control 2. DirSync Control

Both of these method give us the attribute that are changed and we can compare new values with some dump in SQL Server to get old values.

My problem is how can I find “Who” has made this change. I have tried but there is no attribute “LastModifiedBy” in active directory. Please give your opinion how can I track who has made this change.

--Faisal Iqbal

A: 

My company uses ActiveRoles from Quest. No one actually makes changes directly to AD; all changes are done through ActiveRoles so we have that type of auditing (and a lot more benefits.)

Kevin Buchan  2009-12-11 12:57:23
actually I have to implement this in .NET using SDS or SDS.Protocols. My question is is there any attribute in active directory object where I can find who has made the changes to a specific object.--Faisal
Faiasl Iqbal  2009-12-11 13:04:19
A: 

Is there any reason you can't use AD Auditing?

Sander Rijken  2009-12-11 13:28:58
we are going to develop an in-house application for Auditing with some extended functionality.
Faiasl Iqbal  2009-12-11 13:42:35

related questions

Querying Active Directory with "SQL"?
Can I get more than 1000 records from a DirectorySearcher in Asp.Net?
How to get AD User Groups for user in Asp.Net?
Attempting to update a user's "connect to:" home directory path in AD using C#
Monitoring group membership in Active Directory more efficiently (C# .NET)
How do I speed up data retrieval from .NET AD within ColdFusion
How do you authenticate against an Active Directory server using Spring Security?
Managing large user databases for single-signon.
Move Active Directory Group to Another OU using Powershell
How to move SharePoint sites from one active directory domain to another?
When did I last talk to my Domain Server?
Using ActiveDirectoryMembershipProvider with two domain controllers
I am having trouble getting phpBB to authenticate with our Active Directory
How do I use ADAM to run unit tests?
COMException "Library not registered." while using System.DirectoryServices
Caching Active Directory Data
Windows / Active Directory - User / Groups
Get a list of available domains (NT4 and Active Directory)
How do I use NTLM authentication with Active Directory
I/O permission settings using .net installer
quoting System.DirectoryServices.ResultPropertyCollection
How do you impersonate an Active Directory user in Powershell?
Setting Group Type for new Active Directory Entry in VB.NET
Is there a way for MS Access to grab the current Active Directory user?
Checklist for IIS 6/ASP.NET Windows Authentication?