Hi, I've posted a question a while back on how to track object creation in AD if you are in a multiple domain admin environment. I did not get a proper answer for this but i have stumbled across it again while i was preparing for my MS exam. I think it is a good idea to post this incase someone encounters the same issue, this can be used as a referance guide. The original question was posted here: http://www.computing.net/cgi-bin/my... The Answer for this is: The correct answer for this question is to enable the "Audit Account Management" option to 'success, failure' on the DOMAIN CONTROLLER. This is found by going to run type secpol.msc then goto Security Settings --> Local Policies --> Audit Policy This way it will log events such as object creation/modification in AD which will be logged and viewed on your DC by going to: Eventvwr -> Windows Logs -> Security. Event ID descriptions can be found here: http://www.windowsecurity.com/artic... This senario is particularly helpful if you have multiple domain admins and want to track changes made in your AD environment.

That link isn't valid. What's the original post? Life's more painless for the brainless.

my previous question was simply how to track users/group creation in Active Directory. Specially if you are in an environment where there are multiple domain administrators and they all have the capibility to create users/objects.

I know what you asked, but I wanted to see the post to see what replies you received. What's the link to the original post? Life's more painless for the brainless.