Windows Server 2003 Event Log
Can the event log on a Windows Server 2003 Domain Controller keep track of changes made to the user account's Telephone numbers (e.g. Home, Pager, Mobile, Fax, IP phone) under "Active Directory Users and Computers"? That is, if I change the Mobile number of a user account, will this be reflected in the event log? What is the event ID to look out for?
July 10th, 2009 12:21pm
Hi,
Yes, it can. You need to enable the Audit Directory Services Access policy and configure auditing for the specific Active Directory objects. For more information:
HOW TO: Audit Active Directory Objects in Windows Server 2003
http://support.microsoft.com/kb/814595
Here is a sample event for your reference:
Event Type: Success Audit
Event Source: Security
Event Category: Directory Service Access
Event ID: 566
Date: 7/14/2009
Time: 5:29:09 PM
User: SUB1\Administrator
Computer: SUB2003DC1
Description:
Object Operation:
Object Server: DS
Operation Type: Object Access
Object Type: user
Object Name: CN=abc,OU=ADAM,DC=sub1,DC=Test,DC=local
Handle ID: -
Primary User Name: SUB2003DC1$
Primary Domain: SUB1
Primary Logon ID: (0x0,0x3E7)
Client User Name: Administrator
Client Domain: SUB1
Client Logon ID: (0x0,0x47F56B)
Accesses: Write Property
Properties:
Write Property
Personal Information
mobile
user
Additional Info:
Additional Info2:
Access Mask: 0x20
Thanks.
July 14th, 2009 12:36pm
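An added example, not part of the original replies: a small Python parser that reads the description text of an event 566 like the one in the reply above and reports who wrote which telephone attribute on which object. The sample text is constructed from selected lines of that event; the function names are hypothetical, and the attribute list beyond `mobile` is an assumption based on the LDAP display names of the Telephones fields.

```python
import re

# Constructed sample: selected lines of the event 566 description shown above.
SAMPLE_566 = """\
Object Server: DS
Object Type: user
Object Name: CN=abc,OU=ADAM,DC=sub1,DC=Test,DC=local
Client User Name: Administrator
Client Domain: SUB1
Accesses: Write Property
Properties:
Write Property
Personal Information
mobile
user
Additional Info:
Access Mask: 0x20
"""

# LDAP display names of the phone fields (assumption: only "mobile" is on the page).
PHONE_ATTRS = {"telephonenumber", "homephone", "pager", "mobile",
               "facsimiletelephonenumber", "ipphone"}

def parse_566(description):
    """Split the text into 'Key: value' fields plus the bare lines under Properties:."""
    fields, props, in_props = {}, [], False
    for line in description.splitlines():
        line = line.strip()
        m = re.match(r"^([A-Za-z0-9 ]+):\s*(.*)$", line)
        if m:
            key, value = m.group(1), m.group(2)
            in_props = (key == "Properties")   # following bare lines belong to it
            fields[key] = value
        elif in_props and line:
            props.append(line)
    fields["Properties"] = props
    return fields

def phone_write(description):
    """Return (who, object DN, attributes) for a write to a phone attribute, else None."""
    f = parse_566(description)
    hit = sorted(p for p in f["Properties"] if p.lower() in PHONE_ATTRS)
    if "Write Property" not in f.get("Accesses", "") or not hit:
        return None
    who = f"{f.get('Client Domain', '?')}\\{f.get('Client User Name', '?')}"
    return who, f.get("Object Name", "?"), hit
```

Feed it the description of each event 566 exported from the Security log; events that touch other attributes, or that are not property writes, return `None`.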