ESENT event id to detect ntds.dit file theft
Dec 24, 2021
Go to you event viewer. Select application logs. Filter event logs from the right side pane. Select ESENT event source. Then search for event id, 325, 326, 327 and 216.
Thanks. Avi
Go to you event viewer. Select application logs. Filter event logs from the right side pane. Select ESENT event source. Then search for event id, 325, 326, 327 and 216.
Thanks. Avi
