Change in lockouttime attribute, when account is locked in Active Directory Lightweight Directory Service (AD LDS) server, does not trigger a ChangeAuditor event, even though the attribute is configured to be monitored by the ChangeAuditor.
Manual changes to the lockouttime attribute using ADSIEDIT will trigger a ChangeAuditor alert, but an automated change to the lockouttime time, such as when the account becomes locked, will not create an event.
WORKAROUND:
None
STATUS:
Enhancement request number TF00380186 has been submitted to Development for consideration in a future release of ChangeAuditor for Active Directory.
© 2024 Quest Software Inc. ALL RIGHTS RESERVED. Feedback Terms of Use Privacy Cookie Preference Center