This section covers common (and not so common but important) administrative tasks concerning the general administration of Active Directory. For more specific tasks relating to administering domains, trusts, user accounts, and so on, refer to the related topics elsewhere in this chapter. For example, to learn how to manage domain controllers, see Domain Controller; to learn how to configure user accounts, see Users; and so on. Note that all tasks in this section involve using the Active Directory Users and Computers console unless otherwise indicated.
You can use auditing to detect unauthorized attempts to access Active Directory:
Right-click the Domain Controllers node → Properties → Group Policy → select Default Domain Controller Policy → Edit → Computer Configuration → Windows Settings → Security Settings → Local Policies → Audit Policy → right-click Audit Directory Services Access → Properties → select Define these policy settings → choose to audit success and/or failure events
Auditing of access to Active Directory on all domain controllers in the domain takes effect once the GPO settings have propagated to other domain controllers (usually within five minutes). Directory service access events are logged in the Security log on each domain controller and can be viewed with Event Viewer.
For fresh installs of new WS2003 domain controllers in a new domain, Active Directory security auditing is enabled by default. If you ...