User added to group field

I have created a simple report that shows the users who are members of a PIV Exemption group, however I need the report to show the date they were added to the Group so we can determine the number of days they have been a member so we can disable after a given number of days.  Is this possible in ER?  If so what is the field name etc?



  • The information about when this occurred is written to the security log of your domain controller and is not something that Enterprise Reporter collects since it is focused on what might be termed static or state data from Active Directory.

    If you are interested in this type of transactional audit data, you should consider 
    Change Auditor for Active Directory.

  • Mike, I got to thinking about your situation a bit more:

    Are you using a script to add people to the group?

    Would it be practical to stamp the date they were added into another otherwise-unused property of the user?

    Doing this would allow you two things:

    You could report on all the current members and the contents of the timestamp property (you could include this property into a Reporter report).

    Then you could have another script remove the user from the group based on the timestamp property.

    Just putting that out there for your consideration.

  • No just adding them manually.  I'm able to do a search in Change Auditor that shows "members added" to that particular PIV Exemption group like you said.  Is there anyway I can tie that into the current members of that group in AD so it only shows when they were added?  Obv the Who tab is for who added them to the group so that didn't work.  Right now I get a list of events of everyone ever added to that group and compare it to the list pulled from ER and do a comparison in excel.

  • That's pretty much how I would approach it.  I can't think of anything out of the box in either product that would streamline that.  You could write some Powershell to automate it a bit but that's about it.