I have created a custom Module for our Computer Technicians to efficiently get User information from our Active Directory domain. Some functions interact with Active Directory and some query our terminal servers for users, among other things.
I would like to log who is using these functions, and how often. I could create a log function that creates a text file of information, however I was wondering if there is something more efficient with Group Policy.
The topology is there are two Active Directory Domains, Domain A and Domain B. Domain B contains all of the resources we use to support our clients (SQL, terminal servers, Domain Controllers, etc). Domain A is where our technicians work within.
They launch PS from their local machine which from there will auto-import the necessary modules. The functions will query their credentials for Domain B from which the functions will invoke commands with those credentials to do the necessary tasks.
I would like a central location in case I need to see what technician used what specific function on what day. For instance, if they used the function Set-TPADAccountPassword, I want to see who executed the command, on what day, and whose ADaccount they changed.
I ‘believe’ I will need to make a separate log function specific to what I want to record. However I was wondering if there is another, more efficient approach to what I am trying to do.