Benutzer-Werkzeuge
active_directory
Unterschiede
Hier werden die Unterschiede zwischen zwei Versionen angezeigt.
| Beide Seiten der vorigen Revision Vorhergehende Überarbeitung Nächste Überarbeitung | Vorhergehende Überarbeitung | ||
|
active_directory [2025/03/29 21:16] jango [User Managment] |
active_directory [2025/04/10 22:03] (aktuell) jango |
||
|---|---|---|---|
| Zeile 2: | Zeile 2: | ||
| Siehe auch [[coding: | Siehe auch [[coding: | ||
| + | |||
| + | < | ||
| + | repadmin /syncall /AeD | ||
| + | repadmin /syncall /d /e < | ||
| + | dnscmd /zoneinfo domain.local | ||
| + | </ | ||
| =====Reversible Encryption===== | =====Reversible Encryption===== | ||
| Zeile 242: | Zeile 248: | ||
| * [[DNS]] Server | * [[DNS]] Server | ||
| * [[DHCP]] Server | * [[DHCP]] Server | ||
| - | * Active Directory Certificate Services | + | * [[ADCS]] (Active Directory Certificate Services) |
| * Remote Access Server (RAS) - [[VPN]] | * Remote Access Server (RAS) - [[VPN]] | ||
| * Microsoft Active Directory Federation Services ([[adfs|ADFS]]) - Verschlüsselung, | * Microsoft Active Directory Federation Services ([[adfs|ADFS]]) - Verschlüsselung, | ||
| Zeile 292: | Zeile 298: | ||
| |4738|A user account was changed.| | |4738|A user account was changed.| | ||
| |4740|A user account was locked out.| | |4740|A user account was locked out.| | ||
| - | |4741|A computer account was changed.| | + | |4741|A computer account was chreated.| |
| - | |4742|A computer account was changed??| | + | |4742|A computer account was changed.| |
| |4743|A computer account was deleted| | |4743|A computer account was deleted| | ||
| |4744|A security-disabled local group was created.| | |4744|A security-disabled local group was created.| | ||
| Zeile 333: | Zeile 339: | ||
| |4788|A nonmember was removed from a basic application group.| | |4788|A nonmember was removed from a basic application group.| | ||
| + | 4698: A scheduled task was created. | ||
| + | 4699: A scheduled task was deleted. | ||
| + | 4700: A scheduled task was enabled. | ||
| + | 4701: A scheduled task was disabled. | ||
| + | 4702: A scheduled task was updated. | ||
| + | |||
| + | 1002: malware scan stopped before completing scan | ||
| + | 1003: malware scan paused | ||
| + | 1005: malware scan failed | ||
| + | 1006, 1116: malware or unwanted software detected | ||
| + | 1007, 1117: action to protect system performed | ||
| + | 1008, 1118: action to protect system failed | ||
| + | 1009: item restored from quarantine | ||
| + | 1012: unable to delete item in quarantine | ||
| + | 1015: suspicious behavior detected | ||
| + | 1119: critical error occurred when taking action | ||
| [[ToDo]] [[https:// | [[ToDo]] [[https:// | ||
| Zeile 426: | Zeile 448: | ||
| |4662|An operation was performed on an object (Änderung des Besitzes von Dateien/ | |4662|An operation was performed on an object (Änderung des Besitzes von Dateien/ | ||
| |4656|A handle to an object was requested (Zugriffsversuch auf ein Objekt mit Berechtigungsänderung)| | |4656|A handle to an object was requested (Zugriffsversuch auf ein Objekt mit Berechtigungsänderung)| | ||
| + | |||
| + | ===SMB Share Berechtigungen=== | ||
| + | |||
| + | untested | ||
| + | |||
| + | ^Event ID^Beschreibung^ | ||
| + | |5142|A network share object was added.| | ||
| + | |5143|A network share object was modified.| | ||
| + | |5144|A network share object was deleted.| | ||
| ===Powershell Script=== | ===Powershell Script=== | ||
| <code powershell> | <code powershell> | ||
active_directory.1743279398.txt.gz · Zuletzt geändert: 2025/03/29 21:16 von jango
Seiten-Werkzeuge
Falls nicht anders bezeichnet, ist der Inhalt dieses Wikis unter der folgenden Lizenz veröffentlicht: CC Attribution-NoDerivatives 4.0 International
