• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 562
  • Last Modified:

Audit policy in Windows Server 2k3

Hello everybody,

i have a windows server 2k3 configured as a D.C. i was searching about how to configure audit policies, i want that "audit account logon events" and "audit logon events" to be enabled for success & failure, but when i run secpol.msc, i find in security settings/local policies/audit policy that those entries have "no auditing", and also when i click properties, i cannot change them.. they are grey marked , does anybody know wher to make them enabled so i can change them ?

thanx in advance
  • 2
1 Solution
You need to really use the Active directoy tools for setting the policy for the Domain or the Domain controller. Lookup under admin tools on the DC

These links might help explain what's to do:

SUKHOI_FlankerAuthor Commented:
i've done what u told me, and disonnected from the session , then connect again, and i 've seen the logon/logoff event in event log, it was ok, but when i ran secpol.msc again, audit policies, i've not seen the changes in the 2 policies i've changed.. is it normal?
and also is there another part of the system where i can see more details about logon events ?

I take you are doing this from the DC?

If you run secpol from the DC it's effecting the local domain controller only. You need to use the MMC for security in Admin Tools for it to effect other machines/domain.
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

The 14th Annual Expert Award Winners

The results are in! Meet the top members of our 2017 Expert Awards. Congratulations to all who qualified!

  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now