Monthly Archives: June 2014

repadmin trace user changes

Have you ever had problems with account lockouts, changes occur on objects but you don’t know where it came from? There are good tools you could download and use for this kind of things but there is a built in tool that can help us immediately.

Repadmin is a tool for managing and troubleshooting replication between DC/DSAs. It’s built in in Windows server 2008 and later, it comes with 2003 Server if you promote it to a DC. You could also add it through RSAT.

If you open a command prompt and run repadmin /? It will present us a lot of options. In this case we are interested in the /showobjmeta option.

Showobjmeta: Displays the replication metadata for a specified object stored in Active Directory, such as attribute ID, version number, originating and local Update Sequence Number (USN), and originating server’s GUID and Date and Time stamp.

With this information we could track different type of changes in the domain by running:

repadmin /showobjmeta [DC Name] [distinguished Name] Continue reading