Event ID: 5169

A directory service object was modified.

A directory service object was modified.

Subject:
    Security ID:        %3
    Account Name:       %4
    Account Domain:     %5
    Logon ID:           %6

Directory Service:
    Name:   %7
    Type:   %8

Object:
    DN:     %9
    GUID:   %10
    Class:  %11

Attribute:
    LDAP Display Name:  %12
    Syntax (OID):       %13
    Value:              %14
    Expiration Time:    %15

Operation:
    Type:                       %16
    Correlation ID:             %1
    Application Correlation ID: %2

Lookup Audit Policy Configuration Settings


  C:\> AuditPol.exe /get  /subcategory:"Directory Service Access"

How to enable Windows Auditing

Recommended Audit Policy

Operating Systems:

Windows 2016 Windows 2019 Windows 2022

Tags:

Domain Controller Audit Success Audit Failure

Audit Category:

DS Access

Audit Subcategory:

Directory Service Access

LEFT/RIGHT arrow keys for navigation

Back to List