AD DS Access Auditing

This feature logs old and new values, enabling you to return to an original value if object properties are modified. When you audit directory changes in Windows Server 2008, AD DS access auditing logs the old and new values of an attribute each time an object is modified. The AD DS audit policy in Windows Server 2008 logs four subcategories of service access, which enables you to control the assignment of this policy at a more granular level than in previous Windows Server operating system versions. The Directory Service Changes subcategory controls attribute captures. When enabled, it captures create, modify, move, and recover operations on an object. Each operation is assigned an Event ID in the Directory Services event log.

You can then use the Security event log to keep a record of directory changes. At least two events are logged when an object is modified. The first lists the former value, and the second lists the new value. This is useful for fixing erroneous modifications.
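
The following is an added example, not part of the original page: it enables the Directory Service Changes subcategory with auditpol and pairs the "value deleted" and "value added" records of each modification (Security event 5136) into one old/new row. It assumes an elevated PowerShell session on a domain controller and that the objects of interest carry an auditing entry (SACL) for writes; the 500-event window and the output column names are choices made for this example.

```powershell
# Enable success auditing for the Directory Service Changes subcategory.
auditpol /set /subcategory:"Directory Service Changes" /success:enable

# Event 5136 (object modified) carries an OperationType message code:
#   %%14674 = Value Added (new value), %%14675 = Value Deleted (former value).
$opNames = @{ '%%14674' = 'Added'; '%%14675' = 'Deleted' }

# Flatten each event's EventData into one object per logged value.
$rows = Get-WinEvent -FilterHashtable @{ LogName = 'Security'; Id = 5136 } `
            -MaxEvents 500 -ErrorAction SilentlyContinue |
    ForEach-Object {
        $data = @{}
        foreach ($node in ([xml]$_.ToXml()).Event.EventData.Data) {
            $data[$node.Name] = $node.'#text'
        }
        New-Object PSObject -Property @{
            Time          = $_.TimeCreated
            CorrelationId = $data['OpCorrelationID']
            ChangedBy     = $data['SubjectUserName']
            ObjectDN      = $data['ObjectDN']
            Attribute     = $data['AttributeLDAPDisplayName']
            Operation     = $opNames[$data['OperationType']]
            Value         = $data['AttributeValue']
        }
    }

# Both halves of one modification share an OpCorrelationID, so group on it
# (plus object and attribute) to put the former and new value side by side.
$rows | Group-Object CorrelationId, ObjectDN, Attribute | ForEach-Object {
    $old = @($_.Group | Where-Object { $_.Operation -eq 'Deleted' } |
             ForEach-Object { $_.Value })
    $new = @($_.Group | Where-Object { $_.Operation -eq 'Added' } |
             ForEach-Object { $_.Value })
    New-Object PSObject -Property @{
        Time      = ($_.Group | Sort-Object Time | Select-Object -First 1).Time
        ChangedBy = $_.Group[0].ChangedBy
        ObjectDN  = $_.Group[0].ObjectDN
        Attribute = $_.Group[0].Attribute
        OldValue  = $old -join '; '   # empty when the attribute was previously unset
        NewValue  = $new -join '; '   # empty when the attribute was cleared
    }
} | Sort-Object Time |
    Select-Object Time, ChangedBy, ObjectDN, Attribute, OldValue, NewValue |
    Format-Table -AutoSize -Wrap
```

An empty OldValue or NewValue column means only one of the two records exists for that change, which is what you see when an attribute is set for the first time or cleared.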

