Solved

Ad auditing

Posted on 2009-04-02
1
222 Views
Last Modified: 2012-05-06
I am setting up auditing for a active directory environment. I need to know what to do to correlate all teh events to a server or two. I am using a product called sentinel to access teh event logs over WMI. what do I have the ad administrator do on the ad side to make sure he has a plociy to collect ad events on his domain controller or is this in the DC event log by default
0
Comment
Question by:zenworksb
1 Comment
 
LVL 15

Accepted Solution

by:
zelron22 earned 500 total points
ID: 24050188
He needs to have auditing turned on for whichever events you want to audit, e.g. logon failure, logon success, object access, etc.

If any of the audited events occur, they get logged in the security log.

Audit logging is turned on/modified either via Local Security Policy for stand alone servers or through Group policy for domain members, domain controllers, etc.
0

Featured Post

Windows Server 2016: All you need to know

Learn about Hyper-V features that increase functionality and usability of Microsoft Windows Server 2016. Also, throughout this eBook, you’ll find some basic PowerShell examples that will help you leverage the scripts in your environments!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Find out how to use Active Directory data for email signature management in Microsoft Exchange and Office 365.
Last week, our Skyport webinar on “How to secure your Active Directory” (https://www.experts-exchange.com/videos/5810/Webinar-Is-Your-Active-Directory-as-Secure-as-You-Think.html?cid=Gene_Skyport) provided 218 attendees with a step-by-step guide for…
This Micro Tutorial hows how you can integrate  Mac OSX to a Windows Active Directory Domain. Apple has made it easy to allow users to bind their macs to a windows domain with relative ease. The following video show how to bind OSX Mavericks to …
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …

778 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question