You got my interest with this one because we have hundreds of Macs joined to AD. I don't see any names like that, but if you go to the properties of one, what is the OS name and version?
-----Original Message----- From: listsadmin@lists.myitforum.com [mailto:listsadmin@lists.myitforum.com] On Behalf Of Jesse Rink Sent: Wednesday, March 16, 2016 12:32 PM To: ntsys...@lists.myitforum.com Subject: [NTSysADM] Re: Strange computer accounts in AD Actually.. you just gave me an idea. We don't have Exchange anymore, but I really need to verify that just because I see the account in the computers contains, I need to verify 100% it's an actual computer account and not something else (I was making an assumption, ugh)... Will check. Jesse Rink Source One Technology, Inc. HP Partner 262 993 2231 ** Please visit our blog! http://www.sourceonetechnology.com/blog/ ________________________________________ From: listsadmin@lists.myitforum.com <listsadmin@lists.myitforum.com> on behalf of Wolf, Daniel <da.w...@neopost.com> Sent: Wednesday, March 16, 2016 11:24 AM To: ntsys...@lists.myitforum.com Subject: [NTSysADM] RE: Strange computer accounts in AD Where are you finding the objects? Exchange creates AD objects for ActiveSync devices, but I don't think they're computer objects... -----Original Message----- From: listsadmin@lists.myitforum.com [mailto:listsadmin@lists.myitforum.com] On Behalf Of Brian Desmond Sent: Wednesday, March 16, 2016 10:59 AM To: ntsys...@lists.myitforum.com Subject: [NTSysADM] RE: Strange computer accounts in AD You can enable auditing and see where they're coming from. Are they using Intune or AD FS with Workplace join? Thanks, Brian Desmond w - 312.625.1438 | c - 312.731.3132 -----Original Message----- From: listsadmin@lists.myitforum.com [mailto:listsadmin@lists.myitforum.com] On Behalf Of Jesse Rink Sent: Wednesday, March 16, 2016 10:45 AM To: ntsys...@lists.myitforum.com Subject: [NTSysADM] Strange computer accounts in AD Haven't been able to make much sense of this so far... One of my customers is Mac-centric for their devices (50% Macbooks/iMac, 40% iPads, 10% PCs). Depending on who is using the MacBook, the devices are either a) joined to AD, or b) not joined to AD. I can obviously account for seeing Macbooks and iMacs in the Computer containers of AD once the Macbooks are joined. What I can't seem to account for it... How in the world I'm finding computer accounts for iPads in AD. The customer uses a standard naming convention here for devices, so I shouldn't be seeing computernames in AD's computers container like "AB-iPad-John-88" or "AB-iPad-Mike-77". Everyone in IT claims they wouldn't name a standard computer device with that naming convention and only use those naming conventions for iPad devices so.... if that's the case, why am I seeing computer accounts getting created with those names in AD? This doesn't happen for EVERY iPad deployed, but it seems like 5% of them? I typically just delete the computer account from AD which has yet to cause any complaining/problems... but eventually, more start to appear. I'm going to dig into Microsoft security auditing policies deeper and see if there's a way I can send new computer account creation logs to the Security Log, etc. maybe that'll give me more info how they're getting created. Jesse Rink Source One Technology, Inc. HP Partner 262 993 2231 ** Please visit our blog! http://www.sourceonetechnology.com/blog/
