Event ID - 5136

Event Id5136
SourceMicrosoft-Windows-Security-Auditing
DescriptionA directory service object was modified.

Subject:
      Security ID:<Security ID>
      Account Name:<Account Name>
      Account Domain:<Domain name>
      Logon ID:<Logon ID>     

Directory Service:
      Name:<Name>
      Type:<Type>     

Object:
      DN:<DN>
      GUID:<GUID>
      Class:<Class>     

Attribute:
      LDAP Display Name:<LDAP Display Name>
      Syntax (OID):<Syntax (OID)>
      Value:<Value>     

Operation:
      Type:<Type>
      Correlation ID:<Correlation ID>
      Application Correlation ID:<Application Correlation ID>     

Event InformationCause :
This event will only be logged when the object's audit policy has auditing enabled for the properties or actions involved and for the user performing the action or a group to which the user belongs.This event documents modifications to AD objects, identifying the object, user, attribute modified, the new value of the attribute if applicable and the operation performed.
Resolution :
This is an information event and no user action is required.
Reference Links

Catch threats immediately

We work side-by-side with you to rapidly detect cyberthreats
and thwart attacks before they cause damage.

See what we caught

Did this information help you to resolve the problem?

Yes: My problem was resolved.
No: The information was not helpful / Partially helpful.
 Refresh