4722 - A user account was enabled - Machine... Expand / Collapse
Author
Message
Posted 5/18/2015 12:42:32 PM
Forum Newbie

Forum NewbieForum NewbieForum NewbieForum NewbieForum NewbieForum NewbieForum NewbieForum Newbie

Group: Forum Members
Last Login: 5/18/2015 12:28:59 PM
Posts: 1, Visits: 1
I am seeing a Domain Controller log Event ID 4722 indicating that a user has been enabled. The subject of the message (and every other message I would expect to log alongside 4722) indicates that this was done by the machine account of the machine where the action was performed. Is there a reason this would occur and is there any way to find and log the true user who performed this action?
Post #3258
Posted 6/8/2015 8:22:01 PM
Supreme Being

Supreme BeingSupreme BeingSupreme BeingSupreme BeingSupreme BeingSupreme BeingSupreme BeingSupreme Being

Group: Moderators
Last Login: 11/14/2013 3:17:47 PM
Posts: 237, Visits: 0
Is the target account a computer account?
Post #3266
« Prev Topic | Next Topic »


Permissions Expand / Collapse

All times are GMT -5:00, Time now is 9:26pm