Solved

Audit policy in Windows Server 2k3

Posted on 2004-04-23
3
555 Views
Last Modified: 2010-04-19
Hello everybody,

i have a windows server 2k3 configured as a D.C. i was searching about how to configure audit policies, i want that "audit account logon events" and "audit logon events" to be enabled for success & failure, but when i run secpol.msc, i find in security settings/local policies/audit policy that those entries have "no auditing", and also when i click properties, i cannot change them.. they are grey marked , does anybody know wher to make them enabled so i can change them ?

thanx in advance
0
Comment
Question by:SUKHOI_Flanker
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
3 Comments
 
LVL 20

Expert Comment

by:What90
ID: 10899209
You need to really use the Active directoy tools for setting the policy for the Domain or the Domain controller. Lookup under admin tools on the DC

These links might help explain what's to do:


http://www.computerperformance.co.uk/w2k3/gp/group_policy_security_audit.htm#Audit%20Logon%20events
http://www.computerperformance.co.uk/w2k3/Security_Audit.htm
0
 

Author Comment

by:SUKHOI_Flanker
ID: 10899426
i've done what u told me, and disonnected from the session , then connect again, and i 've seen the logon/logoff event in event log, it was ok, but when i ran secpol.msc again, audit policies, i've not seen the changes in the 2 policies i've changed.. is it normal?
and also is there another part of the system where i can see more details about logon events ?

thanx
0
 
LVL 20

Accepted Solution

by:
What90 earned 50 total points
ID: 10899718
I take you are doing this from the DC?

If you run secpol from the DC it's effecting the local domain controller only. You need to use the MMC for security in Admin Tools for it to effect other machines/domain.
0

Featured Post

How Do You Stack Up Against Your Peers?

With today’s modern enterprise so dependent on digital infrastructures, the impact of major incidents has increased dramatically. Grab the report now to gain insight into how your organization ranks against your peers and learn best-in-class strategies to resolve incidents.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Organizations create, modify, and maintain huge amounts of data to help their businesses earn money and generally function.  Typically every network user within an organization has a bit of disk space to store in process items and personal files.   …
by Batuhan Cetin In this article I will be guiding through the process of removing a failed DC metadata from Active Directory (hereafter, AD) using the ntdsutil tool in a Windows Server 2003 environment. These steps are not necessary in a Win…
Nobody understands Phishing better than an anti-spam company. That’s why we are providing Phishing Awareness Training to our customers. According to a report by Verizon, only 3% of targeted users report malicious emails to management. With compan…
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …

730 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question