[Okta Webinar] Learn how to a build a cloud-first strategyRegister Now

x
?
Solved

Where are DC security log entries coming from

Posted on 2011-10-28
8
Medium Priority
?
303 Views
Last Modified: 2012-05-12
I wanted to design auditing from scratch and went into Default Domain group policy and set all items in  Computer Configuration/Windows Settings/Security Settings/Local Policies/Audit Policy to No auditing but yet the entries keep coming in.  Running AD 2008

0
Comment
Question by:svenswenson
  • 5
  • 3
8 Comments
 
LVL 57

Expert Comment

by:Mike Kline
ID: 37044901
Check the default domain controller policy too.

Thanks

Mike
0
 

Author Comment

by:svenswenson
ID: 37044919
Yep default domain controller policy is no auditing
0
 
LVL 57

Expert Comment

by:Mike Kline
ID: 37044924
What types of entries are you seeing?
0
Windows Server 2016: All you need to know

Learn about Hyper-V features that increase functionality and usability of Microsoft Windows Server 2016. Also, throughout this eBook, you’ll find some basic PowerShell examples that will help you leverage the scripts in your environments!

 

Author Comment

by:svenswenson
ID: 37044945
Event ids 4624,4634,4769,and 4776
0
 
LVL 57

Expert Comment

by:Mike Kline
ID: 37045276
Are you seeing those for every login to the domain?
0
 

Author Comment

by:svenswenson
ID: 37045325
Yes, including many anonymous and workstation logins
0
 

Accepted Solution

by:
svenswenson earned 0 total points
ID: 37076544
Opened Microsoft support call and they stated you cannot stop all audting for your own protection
0
 

Author Closing Comment

by:svenswenson
ID: 37098876
Microsoft does not allowed all auduting o be diabled
0

Featured Post

[Webinar] Cloud and Mobile-First Strategy

Maybe you’ve fully adopted the cloud since the beginning. Or maybe you started with on-prem resources but are pursuing a “cloud and mobile first” strategy. Getting to that end state has its challenges. Discover how to build out a 100% cloud and mobile IT strategy in this webinar.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Recently, Microsoft released a best-practice guide for securing Active Directory. It's a whopping 300+ pages long. Those of us tasked with securing our company’s databases and systems would, ideally, have time to devote to learning the ins and outs…
In the absence of a fully-fledged GPO Management product like AGPM, the script in this article will provide you with a simple way to watch the domain (or a select OU) for GPOs changes and automatically take backups when policies are added, removed o…
This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…
Sometimes it takes a new vantage point, apart from our everyday security practices, to truly see our Active Directory (AD) vulnerabilities. We get used to implementing the same techniques and checking the same areas for a breach. This pattern can re…
Suggested Courses

872 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question