Active Directory

Who created a user object

0

Get-ADObject -Identity <ObjectIdentity> | Get-QADObjectSecurity -Owner

 

 

or

 

query your DCs for event id 624:

$filter = “LogFile=’Security’ AND EventCode=624 AND SourceName=’security’ AND CategoryString=’Account Management’ AND Message LIKE ‘%User Account Created%’ AND Type=’Audit Success'”
Get-WmiObject -Class Win32_NTLogEvent -Filter $filter -cn DC1,DC2 | Select-Object @{n=’UserName';e={$_.InsertionStrings[0]}},@{n=’Creator';e={$_.InsertionStrings[3]}}

Using Acctinfo.dll on a 64 bit OS – Lockout Tools

0

Using Acctinfo.dll on a 64 bit Platform

The following steps outline the procedures for installing the Additional Account Info tab on a 64 bit system.

  1. Download Account Lockout and Management Tools  http://www.microsoft.com/en-us/download/details.aspx?id=17657.
  2. Copy acctinfo.dll from to C:\Windows\SysWOW64
  3. Open a Command Prompt in the directory C:\Windows\SysWOW64
  4. Run regsvr32 acctinfo.dll.
  5. Open Active Directory Users and Computers via the run box and this command : dsa.msc -32
More info about Account Lockout Tools :

KCC Inter-Site Topoly Generator : Invalid

0

In Active Directory Sites and Services, NTDS settings shows an Invalid  Inter-Site Topoly Generator.
The interSiteTopologyGenerator attribute show an old attribute.

CN=NTDS Settings\0ADEL:febe8608-7977-4f96-8c78-d6eedd221381,CN=Servers,CN=<site>,CN=Sites,CN=Configuration,DC=<domain>

Solution : delete this old attribute and trigger kcc.

 

The Knowledge Consistency Checker (KCC) is an active directory process that runs on domain controllers and automatically identifies or calculates the most efficient replication topology for the network using data provided by the network in active directory sites and services. To improve replication traffic in most networks, the ISTG might be enabled so that KCC can logically generate (Create) connection objects based on the physical network layer. This is good because KCC will only create connection objects in active directory if it is required for a particular site.

ISTG Reference numbers:
0:To  Enable ISTG
1:To disable automatic intrasite topology generation
16:To disable automatic intersite topology generation
17:To disable both intrasite and inter-site topology generation

 

Start Active Directory Sites and Services

Click on the site

In the right pane, right click NTDS Site settings

Properties

Attribute Editor

Clear the interSiteTopologyGenerator (double click and press the clear button)

Check the options atribute, if set tot 0 it will automatically rebuild the Inter-Site Topoly Generator settings

 

 

With repadmin /kcc you can force it.

Forces the Knowledge Consistency Checker (KCC) on each targeted domain controller to immediately recalculate the inbound replication topology.

More info about this command : http://technet.microsoft.com/nl-nl/library/cc742173(v=ws.10).aspx#BKMK_examples

More about KCC :

http://technet.microsoft.com/en-us/library/dd723682(v=ws.10).aspx

 

Go to Top