I have been googleing around for a few days now trying to figure this out. Any help would be greatly apprecited (links, hints, etc). Thanks!
concept
I want to generate an alert when an account is disabled from exchange.
success
I am able to generate an alert for windows event id 4725(A user account was disabled) when i disable an account in active directory on any of my domain controllers. I know this works. I have been doing it for months in this current environment.
failure
I am unable to generate an alert for a user account was disabled when i disable an account in exchange.
questions
does exchange tell AD that the account was disabled?
If it does, what event ID is it?
if it does not, why not? How would i log this going forward?
network basics
- exchange 2010
- windows server 2008r2
- I am a domain admin and exchange admin (i have any rights i need to do this)
- AD authentication is the standard
- ask me anything else you need
Best Answer
Continue using what you have been doing. The account is disabled at the DC not at the Exchange Server regardless of where you are running ADUC.