by knuckle_sandwich at 2013-04-30 06:08:43
Hello everybody,by ArtB0514 at 2013-04-30 07:36:57
I’ll jump the sorry for my noobness section… I’ve tried to google for this one, no results that didn’t imply auditing tools. I need to do it through PS.
Is there a way to see recent changes on the MemberOf property in PS?
I frequently need to troublshoot problems that pop out after group membership has been messed with, so it would be most usefull to know this.
An extra question would be: Is AD keeping any track on past Group membership? (but this is secondary)
Thanks for your interest.
Luka
AD does not store change information other than the date/time of the last modification. The information that you want is stored in the Security event log (as long as auditing is turned on) on individual domain controllers and is not replicated. If you decide to use PowerShell to examine the logs, here are some hints:by knuckle_sandwich at 2013-04-30 08:53:47
If you use Get-WinEvent, search the TaskDisplayName for Changes and Management.
If you use WMI to access Win32_NELogEvent, search the CategoryString for Account Managment and Change.
I understand. Will need to work through those commands.
Thanks!