在 Windows Server 2008上,它是事件ID 5136( Directory Service Changes).另请参见事件ID 5137(创建),5138(取消删除),5130(移动).事件ID 4662包含旧式审核事件(见下文).

在Windows 2000 Server和Windows Server 2003上：

[T]he policy Audit directory service access was the only auditing control available for Active Directory. The events that were generated by this control did not show the old and new values of any modifications. This setting generated audit events in the Security log with the ID number 566. In Windows Server 2008,the audit policy subcategory Directory Service Access still generates the same events,but the event ID number is changed to 4662.