Monitor-ADGroupMembership
Monitor-ADGroupMembership copied to clipboard
lazywinadmin
Who did the change ?
Users requested on blog that I add who did the change. This could be included with a switch -IncludeUser.
Requirements:
- Auditing on groups need to be enabled in the domain
- PowerShell code to lookup for events matching the group name(s) and return the user who did the change
- Show the information in the report
I've actually wanted to use your script to monitoring group changes on my clients but due to lack of this feature had to write my own... and it ended up being really nice. I've published it on github https://github.com/EvotecIT/PSEventViewer but most of the documentation is on my website https://evotec.xyz/hub/scripts/get-eventslibrary-ps1/. I've to admit thou your script gave me a lot of insight so you may see some code from your version in mine ;-)
Nice work @PrzemyslawKlys ! I don't use this script since i left one of my previous employer but I support it if anyone is stuck.
There are multiple ways to learn, creating your own project can be one. Too bad you did not contribute to this existing project. Feel free to submit PR in the future. Cheers
I did modify it to support login/pass/port and but I couldn't incorporate my version of event monitoring as it's completely different approach. Would be a bit hard to correlate event to the group change in your script. It's easier to completely rely on the events. It does provides all it's needed for group changes without saving before/after changes.