Solved

Windows Server 2008 Auditing

Posted on 2011-02-24
8
1,200 Views
Last Modified: 2012-05-11
I have installed Active Directory on windows server 2008 R2. On my Domain Controller, When i run the Local security policy, The Auding under
Security Security -> Local Policies -> Audit Policy -> All settings uder Audit polies are greyed out.

From where i can enable these options. Thanks
0
Comment
Question by:Netsol-NOS
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 3
8 Comments
 
LVL 15

Expert Comment

by:JBond2010
ID: 34968610
0
 
LVL 39

Expert Comment

by:Krzysztof Pytko
ID: 34968759
Do not use secpol.msc Configure Auditing policies within "Default Domain Controller" policy.

Regards,
Krzysztof
0
 

Author Comment

by:Netsol-NOS
ID: 34968999
Yes Agreed that default Domain Controller policy should be enabled for auditing. But i can not find the auditing under above mentioned path.

I have attached the default domain policy screen shot which did not show me the auditing that is available under local policy of Domain controller. I have attached the both screeshots.  Default Domain Controller PolicyLocal-security-Policy-of-DC.jpg
0
Office 365 Training for IT Pros

Learn how to provision tenants, synchronize on-premise Active Directory, implement Single Sign-On, customize Office deployment, and protect your organization with eDiscovery and DLP policies.  Only from Platform Scholar.

 
LVL 39

Expert Comment

by:Krzysztof Pytko
ID: 34969097
First, please schedule DC reboot :) After that check if you can see everything (it's odd). If not, probably your DDCP is broken and you need to run DcGPOFix to fix it up and then re-set up them again :(
http://support.microsoft.com/kb/833783

Regards,
Krzysztof
0
 

Author Comment

by:Netsol-NOS
ID: 34969319
The above link applies to Windows server 2003.

Secondly, Is there any option that I can create new Domain Controller policy and link that policy to Domain Controller OU. And will that policy work exactly same as default DC policy.

0
 
LVL 39

Accepted Solution

by:
Krzysztof Pytko earned 500 total points
ID: 34969406
Yes, I know (it was for overwiem, I'm sorry that I wasn't precise)

Nope, you need to use DcGPOFix to restore default settings of Default Domain Controller Policy :(

use this syntax:

dcgpofix /ignoreschema /target:dc

but do this after you reboot DC and it still doesn't work :)

Krzysztof
0
 

Author Comment

by:Netsol-NOS
ID: 34969579
Is there any risk to run this command.

As 900 Users are active into this domain.

Secondly, is there any option that I can unlock the greyed out polices in my local DC policy.
0
 
LVL 39

Expert Comment

by:Krzysztof Pytko
ID: 34969614
Nope, you cannot unlock local policies on a DC.
Yes, there is always some risk :) Wait until they will finish work, do System State Backup of that DC and then try. This will reset Default Domain Controller Policy to its default settings. So, if you did any custom settings they will be lost and you need to set up them again.

Krzysztof
0

Featured Post

[Webinar] How Hackers Steal Your Credentials

Do You Know How Hackers Steal Your Credentials? Join us and Skyport Systems to learn how hackers steal your credentials and why Active Directory must be secure to stop them. Thursday, July 13, 2017 10:00 A.M. PDT

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

A hard and fast method for reducing Active Directory Administrators members.
I was prompted to write this article after the recent World-Wide Ransomware outbreak. For years now, System Administrators around the world have used the excuse of "Waiting a Bit" before applying Security Patch Updates. This type of reasoning to me …
This tutorial will walk an individual through locating and launching the BEUtility application to properly change the service account username and\or password in situation where it may be necessary or where the password has been inadvertently change…
This tutorial will walk an individual through setting the global and backup job media overwrite and protection periods in Backup Exec 2012. Log onto the Backup Exec Central Administration Server. Examine the services. If all or most of them are stop…

696 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question