![]() ![]() ![]() ![]() To enable auditing, you’ll need to use the Set-AdmPwdAuditing PowerShell cmdlet: Import-Module AdmPwd.PS Otherwise, you may want to look into third-party AD auditing tools.Ĭan I audit who accesses the passwords in AD? I wouldn’t turn on auditing unless you’ve got a plan for offloading the Event Logs or you’ve got a way to analyze them. Just enabling this in my lab was incredibly noisy. Just be aware that changes are logged as Event ID 4662, which is going to inundate your DC Security Event Logs with superfluous information. Not by default, but it is possible to audit changes to the attributes if you enable auditing in Active Directory. Is there a log in Active Directory for LAPS?
0 Comments
Leave a Reply.AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |