Link to home
Start Free TrialLog in
Avatar of Netsol-NOS
Netsol-NOS

asked on

Windows Server 2008 Auditing

I have installed Active Directory on windows server 2008 R2. On my Domain Controller, When i run the Local security policy, The Auding under
Security Security -> Local Policies -> Audit Policy -> All settings uder Audit polies are greyed out.

From where i can enable these options. Thanks
Avatar of James
James
Flag of Ireland image

Do not use secpol.msc Configure Auditing policies within "Default Domain Controller" policy.

Regards,
Krzysztof
Avatar of Netsol-NOS
Netsol-NOS

ASKER

Yes Agreed that default Domain Controller policy should be enabled for auditing. But i can not find the auditing under above mentioned path.

I have attached the default domain policy screen shot which did not show me the auditing that is available under local policy of Domain controller. I have attached the both screeshots.  User generated imageLocal-security-Policy-of-DC.jpg
First, please schedule DC reboot :) After that check if you can see everything (it's odd). If not, probably your DDCP is broken and you need to run DcGPOFix to fix it up and then re-set up them again :(
http://support.microsoft.com/kb/833783

Regards,
Krzysztof
The above link applies to Windows server 2003.

Secondly, Is there any option that I can create new Domain Controller policy and link that policy to Domain Controller OU. And will that policy work exactly same as default DC policy.

ASKER CERTIFIED SOLUTION
Avatar of Krzysztof Pytko
Krzysztof Pytko
Flag of Poland image

Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Is there any risk to run this command.

As 900 Users are active into this domain.

Secondly, is there any option that I can unlock the greyed out polices in my local DC policy.
Nope, you cannot unlock local policies on a DC.
Yes, there is always some risk :) Wait until they will finish work, do System State Backup of that DC and then try. This will reset Default Domain Controller Policy to its default settings. So, if you did any custom settings they will be lost and you need to set up them again.

Krzysztof