Active Directory event recording issue with Remove-ADGroupMember - by kevin sale

Status : 


Sign in
to vote
ID 848824 Comments
Status Active Workarounds
Type Bug Repros 0
Opened 4/8/2014 6:18:03 AM
Access Restriction Public


I think I've found an issue with the event data recorded in AD when running the Remove-ADGroupMember cmdlet. After running the command with a group name and user name, I can find the Security event log entry (ID:4729 Security Group Management) and the Member section of the entry has a dash (-) in the Account Name field.
 Using the equivalent Add-ADGroupMember command, the Account Name field is populated with the DN of the object that has been added; I would expect the Remove-ADGroupMember cmdlet to populate the field in the same way.
If you use the AD GUI tools, this field is always populated properly with a DN.
Sign in to post a comment.