locked
User Account Created in which Domain Controller ? RRS feed

  • Question

  • In Active Directory environment, we can create a User Account in any Domain Controller and it gets replicated to other DCs. I am aware of Scripts (PowerShell & VBScript) which can check for User Accounts and its attributes. But, my question is :

    a) Is there any way to detect in which particular DC the user-account was created ? The parent/mother DC where the account was created for the first time; before it got replicated to other DC ?

    On-Premise AD or Azure AD, whatever; any reference material or hint for PowerShell or VBScript is much appreciated.

    Thanks

    Wednesday, June 10, 2020 5:32 PM

Answers

  • The DC that created the account is not maintained in AD>  You can find it in teh event log if auditing is enabled.


    \_(ツ)_/

    • Proposed as answer by BOfH-666 Thursday, June 11, 2020 1:15 AM
    • Marked as answer by Monimoy Sanyal Wednesday, June 24, 2020 9:36 AM
    Thursday, June 11, 2020 12:32 AM