How to Find Out When an Object was Created in Active Directory
A critical part of securing the Active Directory environment is being able to obtain detailed insights on when objects are created.
Below are the steps it takes to generate a report for when objects are created in Active Directory using native processes:
- Group Policy Audit Settings – Configuration
- Editing the Default Domain Policy of the Domain
- Define the Settings for Audit Account Management Policy
- Selecting the Security Policy Setting Tab
- Configuration of ADSI
- Navigate to Auditing Entry Window for Your Domain
- Filtering the Security Event Log by Event ID 5137
- Generating Details of the Event
How Lepide Active Directory Auditor Tracks When an Object is Created in Active Directory
IT administrators must regularly audit events in user accounts and keep a constant track on the activities of users in order to stay informed about what’s happening in their AD environment. However, native auditing techniques make this quite an arduous and technically difficult process. Therefore, we recommend deploying auditing solutions, like Lepide Active Directory Auditor, that can enhance security by automatically tracking every single object in Active Directory.
Whenever a user creates an object, Lepide Active Directory Auditor (part of Lepide Data Security Platform) solution provides all details about that particular object and sends through real-time alerts. These alerts are delivered as emails, as updates to LiveFeed widget and as push notifications to the Lepide Mobile App (for Android and Apple devices).
Below is a screenshot that displays the Object Created Reports under the “Active Directory Modifications Report” tab of Lepide Active Directory Auditor.