Page:1/1
10/4/2005 4:43:53 PM
Domain admins and administrator group account changes
Description
Allows reporting on all collected events from the monitored systems.
For more information on various Windows events, go to :
http://www.microsoft.com/technet/support/eventserrors.mspx
Parameters
Database Servers
All
Computers
All
Accounts
All
Sources
Security
Categories
Account Management
IDs
631, 632, 633, 634, 635, 636, 637, 638, 639, 641
Logs
Security
Types
All
Message Search Criteria
Include events with any of the message text keywords: Administrators, Domain Admins prefixed by qualifier: Target Account Name
Time Frame
Last 2 Month(s)
Start Date Time
2005-09-01 00:00:00
End Date Time
2005-11-01 00:00:00
Server
Date / Time
Id
Log
Type
Category
Source
Computer
Account
LOGCASTER SERVER
9/23/2005 12:14:36 PM
633
Security
Success Audit
Account Management
Security
LCNTPDC1
Administrator
Global Group Member Removed:
Member: S-1-5-21-1287529892-1147808573-1947940980-1168
Target Account Name: Domain Admins
Target Domain: LCLAB1
Target Account ID: S-1-5-21-1287529892-1147808573-1947940980-512
Caller User Name: Administrator
Caller Domain: LCLAB1
Caller Logon ID: (0x0,0x225470E)
Privileges: -
  
LOGCASTER SERVER
9/23/2005 12:14:35 PM
637
Security
Success Audit
Account Management
Security
LCNTPDC1
Administrator
Local Group Member Removed:
Member: S-1-5-21-1287529892-1147808573-1947940980-1168
Target Account Name: Administrators
Target Domain: Builtin
Target Account ID: S-1-5-32-544
Caller User Name: Administrator
Caller Domain: LCLAB1
Caller Logon ID: (0x0,0x225470E)
Privileges: -
  
LOGCASTER SERVER
9/7/2005 10:42:13 AM
636
Security
Success Audit
Account Management
Security
LOGCASTERPROD
venkat
Security Enabled Local Group Member Added:
Member Name: -
Member ID: SHARKS\qzhang
Target Account Name: Administrators
Target Domain: Builtin
Target Account ID: BUILTIN\Administrators
Caller User Name: venkat
Caller Domain: SHARKS
Caller Logon ID: (0x0,0xBFCB3D7)
Privileges: -
  
LOGCASTER SERVER
9/7/2005 10:42:13 AM
636
Security
Success Audit
Account Management
Security
LOGCASTERPROD
venkat
Security Enabled Local Group Member Added:
Member Name: -
Member ID: SHARKS\bmani
Target Account Name: Administrators
Target Domain: Builtin
Target Account ID: BUILTIN\Administrators
Caller User Name: venkat
Caller Domain: SHARKS
Caller Logon ID: (0x0,0xBFCB3D7)
Privileges: -