Event ID 4882 – The Security Permissions For Certificate Services Changed
|Category||Object Access: Certification Services|
Every time there is a change in the access control list of the Certification Authority, event 4882 is logged. To perform a CA level operation, the party must be included in the ACL. For this event to be logged, the corresponding feature of "Change CA security settings" needs to be enabled in the CA's properties tab.
Why does event ID 4882 need to be monitored?
Since the ACL governs who can perform operations at the CA level, such as allowing users and groups certain permissions and assigning them roles, it is important ot monitor the changes made to the list.
With 200+ reports and real-time email and SMS alerts, ADAudit Plus tracks all certificate services related events, thus helping you meet your security, operational, and compliance needs with absolute ease.
Event 4882 applies to the following operating systems:
- Windows 2008 R2 and 7
- Windows 2012 R2 and 8.1
- Windows 2016 and 10
Explore Active Directory auditing and reporting with ADAudit Plus.
- Related Products
- ADManager Plus Active Directory Management & Reporting
- ADAudit Plus Real-time Active Directory Auditing and UBA
- EventLog Analyzer Real-time Log Analysis & Reporting
- ADSelfService Plus Self-Service Password Management
- AD360 Integrated Identity & Access Management
- Log360 Comprehensive SIEM and UEBA
- AD Free Tools Active Directory FREE Tools