Solved

How do I trun on the Security log so I can see the event loggin in the Event Viewer?

Posted on 2006-11-29
3
289 Views
Last Modified: 2012-05-05
I'm using Windows 2000 server.  Right now, there is no entry at all in my security log.

Thanks.
0
Comment
Question by:lapucca
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
3 Comments
 
LVL 17

Accepted Solution

by:
jburgaard earned 500 total points
ID: 18041628
How to enable and apply security auditing in Windows 2000:
http://support.microsoft.com/?kbid=300549

futher reading : http://labmice.techtarget.com/troubleshooting/EventLog.htm

hope this helps
0
 

Author Comment

by:lapucca
ID: 18041961
I followed the instruction of the 1st link but it's still not working and in  the Local Security Policy rihgt panel it still says "No auditing" in the "Effective Setting" column.  Why is that so?  
Also, I am in a domain, and the 1st link has a note about his as follow.  So how can I change that if I need to?  Thanks.
NOTE: If you are a member of a domain, and a domain-level policy is defined, domain-level settings override the local policy settings.


1. Log on to Windows 2000 with an account that has Administrator rights. If you want to grant other users the rights to set auditing, see the "How to Enable Another Account to Configure Auditing" section in the "Reference" section of this article.
2. Ensure that the Group Policy snap-in is installed; if it is not installed, follow the directions in the "How to Install the Group Policy Snap-in" section in the "References" section of this article to install it.
3. Click Start, point to Settings, and then click Control Panel.
4. Double-click Administrative Tools.
5. Double-click Local Security Policy to start the Local Security Settings MMC snap-in.
6. Double-click Local Policies to expand it, and then double-click Audit Policy.
7. In the right pane, double-click the policy that you want to enable or disable.
8. Click the Success (An audited security access attempt that succeeds) and Fail (audited security access attempt that fails) check boxes for logging on and logging off. For example, with this setting, a user's successful attempt to log on to the system is logged as a Success Audit event. If a user tries to access a network drive and fails, the attempt is logged as a Failure Audit event.
0
 

Author Comment

by:lapucca
ID: 18042461
Got it, I had to do it through Group Policy.  Thanks.
0

Featured Post

SharePoint Admin?

Enable Your Employees To Focus On The Core With Intuitive Onscreen Guidance That is With You At The Moment of Need.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

If you're not part of the solution, you're part of the problem.   Tips on how to secure IoT devices, even the dumbest ones, so they can't be used as part of a DDoS botnet.  Use PRTG Network Monitor as one of the building blocks, to detect unusual…
I had an issue with InstallShield not being able to use Computer Browser service on Windows Server 2012. Here is the solution I found.
This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're looking for how to monitor bandwidth using netflow or packet s…
In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're interested in additional methods for monitoring bandwidt…

734 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question