Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people, just like you, are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
Solved

system account changing group policy settings

Posted on 2011-02-24
4
444 Views
Last Modified: 2013-12-04
We use Netwrix to report Group Policy changes and have noticed every few weeks the system account is responsible for changing the 'Audit directory service access' setting  under Computer Configuration (Enabled)/Windows Settings/Security Settings/Local Policies/Audit Policy to No auditing.  Is there a legitimate reason that this would be happening?
 netwrix
0
Comment
Question by:dstewart69
  • 2
4 Comments
 
LVL 51

Expert Comment

by:Netman66
ID: 34980431
No, this isn't normal behaviour.

Does it ever change back with the System account?

What OS is running on your DCs?

In Server 2008 there is a new subcategory for Directory Service Changes that *might* turn off the legacy setting you have if it is configured, but I don't know if you have a mix of 2003 and 2008 DCs.

You might be able to use Auditpol.exe to see additional details.  This tool also has the ability to modify audit policies, so be careful.

0
 

Accepted Solution

by:
dstewart69 earned 0 total points
ID: 34980476
We have been manually changing it back.
We have just recentely added a 2008 DC but this was happening before that.
I will try the Auditpol.exe and see if I can get any more info.
0
 

Author Closing Comment

by:dstewart69
ID: 35252778
No good answer, will just keep manually changing back
0

Featured Post

Netscaler Common Configuration How To guides

If you use NetScaler you will want to see these guides. The NetScaler How To Guides show administrators how to get NetScaler up and configured by providing instructions for common scenarios and some not so common ones.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In this article, I am going to show you how to simulate a multi-site Lab environment on a single Hyper-V host. I use this method successfully in my own lab to simulate three fully routed global AD Sites on a Windows 10 Hyper-V host.
Learn how ViaSat reduced average response times for IT incidents from 10 minutes to 30 seconds.
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles from a Windows Server 2008 domain controller to a Windows Server 2012 domain controlle…
This Micro Tutorial hows how you can integrate  Mac OSX to a Windows Active Directory Domain. Apple has made it easy to allow users to bind their macs to a windows domain with relative ease. The following video show how to bind OSX Mavericks to …

860 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question