Re: Tracking Kerberos Tickets
- From: "Joe Richards [MVP]" <humorexpress@xxxxxxxxxxx>
- Date: Mon, 26 Jun 2006 12:12:26 -0400
You would need to use audit events from the event log for this. From every single DC. This might be something worth doing in a single or two DC domain, but anything larger and you are talking about event correlation software and event scrapers on all of your DCs.
Why don't you look at
http://www.joeware.net/win/free/tools/oldcmp.htm
and see if that is sufficient.
joe
--
Joe Richards Microsoft MVP Windows Server Directory Services
Author of O'Reilly Active Directory Third Edition
www.joeware.net
---O'Reilly Active Directory Third Edition now available---
http://www.joeware.net/win/ad3e.htm
Sasi wrote:
is there a way (programatically prefered but utilities also welcomed) to track and log kerberos Tickets issued by a Domain controller? is there any API or something that I can use to list all tickets granted by a server during a specific time?.
I need this because I want to write a program that detects and removes dead/unused computer accounts in AD .my idea was to track computer accounts that had requested TGT during the past <some duration>,filtering them out from other computers and deleting the rest.
any better idea to fulfill this goal is welcomed.of course I prefer that idea to not involve in installing any client program on workstations.
- Prev by Date: Re: Tracking Kerberos Tickets
- Next by Date: changing ACL/owner of local group
- Previous by thread: Re: Tracking Kerberos Tickets
- Next by thread: changing ACL/owner of local group
- Index(es):
