Where Are Active Directory Security Logs?
Posted on 2004-04-07
Simple question: I recently set up a Windows 2000 Active Directory for a small office. It has worked well except for a couple of user accounts that got locked out for unknown reasons. My policy allows up to 5 bad logins within an hour before locking out an account and nobody remembers typing bad passwords. (Nobody ever does... :-) ) Anyway, back in the old days of Win NT 4, I would just go to the event log on the domain controller and see when the bad logins occurred. On Win2k, however, I'm not seeing anything relating to AD logins on the event log. I'm pretty sure I have auditing turned on for all of the appropriate AD events. Where would I look for logs of these AD events?
--> Daryl Shockey