General discussion


AD to alert admins

By lgp9999 ·
I am currently working on a project to keep track of hardware around the company. It would be very helpful if there was a program or script that would alert me of any changed/new machine accounts that had been created in AD, just in case one of our admins might make a change and forget to let me know. Does anybody know of a method of doing this?

This conversation is currently closed to new comments.

Thread display: Collapse - | Expand +

All Comments

Collapse -

by BFilmFan In reply to AD to alert admins

You could use MOM to alert on Security Event 624, which is a user account creation and 645 for Computer Accounts in the Event Logs.

You would need to be monitoring for successful events.

Youc an pick up a pre-written WMI script that you can modify here:

You are looking for the wmievents.vbs script.


Collapse -

by dryflies In reply to AD to alert admins

There was a win2k server newsletter article just today about a script that with a few mods will do exactly that.
it included a download:

Modify the script to run periodically. add a function at the beginning of the script to check for newdatafile.txt. if it exists, rename it to olddatafile.txt. Next output the AD information to a text file named newdatafile.txt. Use a diff program to highlite any differences between the two files. There are several of these diff files around with various names. FC is one that comes with Win XP. type help FC to figure out how to use it and how to format its output to your liking. The results of FC will be any changes to your AD from the last time the script was run. you can use dates in the filename to keep a running log of changes and if you get really motivated could modify the script to provide some roll-back functionality.

Related Discussions

Related Forums