Audit Active Directory 2
Audit Active Directory 2

There is a new version for the Active Directory Audit : Here

auditad

Bug fix :
The timestamp is not correct in the table :

AD Event Audit

Date

Event ID

Action

Change

Details

Modify by

0000-00-00 00:00:00

 4723 An attempt was made to change an account s password. xxxxxxxxxx$ xxxxxxxxxx$

0000-00-00 00:00:00

 4723 An attempt was made to change an account s password. xxxxxxxxxx xxxxxxxxxx

0000-00-00 00:00:00

 4738 A user account was changed. xxxxxxxxxx Password Last Set: 9/16/2013 5:29:40 PM ANONYMOUS LOGON


Thank you to Camilo Santana for the bug fix.

Update :

New features have been added :

 

Purpose
The purpose of this project is to audit Active Directory changes regarding the account and the GPO management and display these changes
Pre-requesites
Installation
Wamp
  • Install WAMP Server with all default settings (default path is c:\wamp)
  • Copy the file auditad2.php to web root folder (default path is c:\wamp\www)

 

MySQL
    • Edit and save the file auditad_db.sql and replace the ip addresses with your own domain controller ip addresses :
GRANT ALL PRIVILEGES ON *.* TO 'itpwd'@'<b><i>10.20.30.40</i></b>' IDENTIFIED BY 'itpwd';
GRANT ALL PRIVILEGES ON *.* TO 'itpwd'@'<b><i>10.20.30.41</i></b>' IDENTIFIED BY 'itpwd';
GRANT ALL PRIVILEGES ON *.* TO 'itpwd'@'<b><i>10.20.30.42</i></b>' IDENTIFIED BY 'itpwd';
    • Go to https://localhost/phpmyadmin
    • Click on “SQL” tab
    • Copy/Paste the content of the file auditad_db.sql
    • Click “Execute” button

Domain controller configuration

If you have any problems, leave a comment

<>

My Powershell script categories

Audit Active Directory 2

Leave a Reply

Your email address will not be published.