-----------------------------------------------------------
Attention: Non-Delivery Report
-----------------------------------------------------------
This report is generated by the email server at:
ivytech.edu
The message with subject:
"RE: [ActiveDir] Programmatic auditing of AD changes similar to what
Quest/NetPro use"
and attached to this report was not delivered to
the following recipients:
Address: [EMAIL PROTECTED]
Reason: 554 5.5.2 No valid recipients (554)
--------------
--- Begin Message ---
Small correction - Alain, not Adam. Unless, however, there is another WMI
Guru out there with the surname Lissoir that I'm not aware of. Anything is
possible, I suspect.
;o)
Rick
-----Original Message-----
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Isenhour, Joseph
Sent: Tuesday, July 19, 2005 1:17 PM
To: ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir] Programmatic auditing of AD changes similar to what
Quest/NetPro use
WMI Actually has an asynronous call that you can use to monitor specific
objects. It will notify you when the object changes and what the
original and new values are. Adam Lissoir wrote some scripts that
demonstrate this. I think these links still work:
http://www.LissWare.Net
See "Sample 3.54 - GroupMonitor.wsf"
-----Original Message-----
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Chuck Chopp
Sent: Friday, July 08, 2005 9:53 AM
To: ActiveDir@mail.activedir.org
Subject: [ActiveDir] Programmatic auditing of AD changes similar to what
Quest/NetPro use
I'm interested in identifying the programming interfaces used by
products like Quest's Change Manager for Active Directory and NetPro's
AD-related change monitoring products. The existing ADSI and LDAP
interfaces do not appear to offer the degree of granularity that these
products are capable of obtaining in terms of AD changes that they can
monitor & report on.
I'm familiar with Novell's eDirectory [f.k.a. NDS] and the sophisticated
async event notification API functions that it provides, and I'm
thinking that AD has to have something similar. However, the MSDN
Platform SDK documentation doesn't identify anything in way of API
functions or COM interfaces [e.g. ADSI] that are capable of providing
the sort of event notification that I'm needing to use in my
application.
I'm looking to track object creation, deletion, rename, move and
modification of attributes. In the case of modified attributes, for
single valued attributes, I need to know the before & after values, and
in the case of multi-valued attributes, I need to know which individual
value was added to or removed from the attribute's value list.
Does anybody have any recommendations on what sorts of programming
interfaces are available that can provide this degree of granularity in
AD event monitoring?
TIA,
Chuck
--
Chuck Chopp
ChuckChopp (at) rtfmcsi (dot) com http://www.rtfmcsi.com
RTFM Consulting Services Inc. 864 801 2795 voice & voicemail
103 Autumn Hill Road 864 801 2774 fax
Greer, SC 29651
Do not send me unsolicited commercial email.
List info : http://www.activedir.org/List.aspx
List FAQ : http://www.activedir.org/ListFAQ.aspx
List archive:
http://www.mail-archive.com/activedir%40mail.activedir.org/
List info : http://www.activedir.org/List.aspx
List FAQ : http://www.activedir.org/ListFAQ.aspx
List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
List info : http://www.activedir.org/List.aspx
List FAQ : http://www.activedir.org/ListFAQ.aspx
List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
List info : http://www.activedir.org/List.aspx
List FAQ : http://www.activedir.org/ListFAQ.aspx
List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
--- End Message ---
