Solved

Windows Server 2008 Auditing

Posted on 2011-02-24
8
1,161 Views
Last Modified: 2012-05-11
I have installed Active Directory on windows server 2008 R2. On my Domain Controller, When i run the Local security policy, The Auding under
Security Security -> Local Policies -> Audit Policy -> All settings uder Audit polies are greyed out.

From where i can enable these options. Thanks
0
Comment
Question by:Netsol-NOS
  • 4
  • 3
8 Comments
 
LVL 15

Expert Comment

by:JBond2010
ID: 34968610
0
 
LVL 39

Expert Comment

by:Krzysztof Pytko
ID: 34968759
Do not use secpol.msc Configure Auditing policies within "Default Domain Controller" policy.

Regards,
Krzysztof
0
 

Author Comment

by:Netsol-NOS
ID: 34968999
Yes Agreed that default Domain Controller policy should be enabled for auditing. But i can not find the auditing under above mentioned path.

I have attached the default domain policy screen shot which did not show me the auditing that is available under local policy of Domain controller. I have attached the both screeshots.  Default Domain Controller PolicyLocal-security-Policy-of-DC.jpg
0
 
LVL 39

Expert Comment

by:Krzysztof Pytko
ID: 34969097
First, please schedule DC reboot :) After that check if you can see everything (it's odd). If not, probably your DDCP is broken and you need to run DcGPOFix to fix it up and then re-set up them again :(
http://support.microsoft.com/kb/833783

Regards,
Krzysztof
0
 

Author Comment

by:Netsol-NOS
ID: 34969319
The above link applies to Windows server 2003.

Secondly, Is there any option that I can create new Domain Controller policy and link that policy to Domain Controller OU. And will that policy work exactly same as default DC policy.

0
 
LVL 39

Accepted Solution

by:
Krzysztof Pytko earned 500 total points
ID: 34969406
Yes, I know (it was for overwiem, I'm sorry that I wasn't precise)

Nope, you need to use DcGPOFix to restore default settings of Default Domain Controller Policy :(

use this syntax:

dcgpofix /ignoreschema /target:dc

but do this after you reboot DC and it still doesn't work :)

Krzysztof
0
 

Author Comment

by:Netsol-NOS
ID: 34969579
Is there any risk to run this command.

As 900 Users are active into this domain.

Secondly, is there any option that I can unlock the greyed out polices in my local DC policy.
0
 
LVL 39

Expert Comment

by:Krzysztof Pytko
ID: 34969614
Nope, you cannot unlock local policies on a DC.
Yes, there is always some risk :) Wait until they will finish work, do System State Backup of that DC and then try. This will reset Default Domain Controller Policy to its default settings. So, if you did any custom settings they will be lost and you need to set up them again.

Krzysztof
0

Join & Write a Comment

Introduction You may have a need to setup a group of users to allow local administrative access on workstations.  In a domain environment this can easily be achieved with Restricted Groups and Group Policies. This article will demonstrate how to…
Sometimes drives fill up and we don't know why.  If you don't understand the best way to use the tools available, you may end up being stumped as to why your drive says it's not full when you have no space left!  Here's how you can find out...
This tutorial will walk an individual through locating and launching the BEUtility application and how to execute it on the appropriate database. Log onto the server running the Backup Exec database. In a larger environment, this would generally be …
This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…

760 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

18 Experts available now in Live!

Get 1:1 Help Now