?
Solved

Enable Windows Audit via MDT 2012 Update 1

Posted on 2013-02-04
6
Medium Priority
?
521 Views
Last Modified: 2013-02-18
Hi All,

I have created the batch file below to enable auditing in Windows 2008 R2...
The batch file works fine when run manually, but it does not set the audit information via MDT 2012 Update 1.

Not sure if I am missing anything, if not is there another way to set it natively via Powershell or WMI.

Thanks in advance

-Steve
0
Comment
Question by:Stevolee
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 2
6 Comments
 
LVL 24

Expert Comment

by:Nagendra Pratap Singh
ID: 38850801
Where is the file?
0
 

Author Comment

by:Stevolee
ID: 38850829
Hi,

Sorry I thought I attached the file...

I have reattached it and also copied it below:

Thx.



SET CURRENTDIR=%~dp0

cmd.exe /c %SystemRoot%\system32\auditpol.exe /set /category:"Account Logon" /success:Enable /failure:Enable

cmd.exe /c %SystemRoot%\system32\auditpol.exe /set /category:"DS Access" /success:Disable /failure:Enable

cmd.exe /c %SystemRoot%\system32\auditpol.exe /set /category:"Account Management" /success:Enable /failure:Enable

cmd.exe /c %SystemRoot%\system32\auditpol.exe /set /category:"Policy Change" /success:Enable /failure:Enable

cmd.exe /c %SystemRoot%\system32\auditpol.exe /set /category:"Object Access" /success:Enable /failure:Enable

cmd.exe /c %SystemRoot%\system32\auditpol.exe /set /category:"Logon/Logoff" /success:Enable /failure:Enable

cmd.exe /c %SystemRoot%\system32\auditpol.exe /set /category:"Privilege Use" /success:Enable /failure:Enable

cmd.exe /c %SystemRoot%\system32\auditpol.exe /set /category:"System" /success:Enable /failure:Enable
install.cmd
0
 
LVL 24

Expert Comment

by:Nagendra Pratap Singh
ID: 38850852
BTW does the file run when played inside MDT2012?

Did it run before sp1?

Also please change lines to

echo "1" >> d:\text.txt

etc and see if they run.

D:\ should allow writing.
0
Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 

Author Comment

by:Stevolee
ID: 38851238
Hi,

I have piped out the log and it shows that it ran successfully via MDT but the policies are not been applied... Meanwhile if I ran it manually it works fine and applies the policy.

I have only used MDT 2012 Update 1, I have not tried it on the older version.

I was hoping at this stage if no joy then perhaps any suggestions on how to use WMI or powershell to apply the policies...

Thanks in advance

-Steve
0
 

Accepted Solution

by:
Stevolee earned 0 total points
ID: 38884749
I ran the script using the runonce registry key worked a treat!
0
 

Author Closing Comment

by:Stevolee
ID: 38900873
found the solution myself
0

Featured Post

Free Tool: Site Down Detector

Helpful to verify reports of your own downtime, or to double check a downed website you are trying to access.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

The Nano Server Image Builder helps you create a custom Nano Server image and bootable USB media with the aid of a graphical interface. Based on the inputs you provide, it generates images for deployment and creates reusable PowerShell scripts that …
Recently we ran in to an issue while running some SQL jobs where we were trying to process the cubes.  We got an error saying failure stating 'NT SERVICE\SQLSERVERAGENT does not have access to Analysis Services. So this is a way to automate that wit…
The view will learn how to download and install SIMTOOLS and FORMLIST into Excel, how to use SIMTOOLS to generate a Monte Carlo simulation of 30 sales calls, and how to calculate the conditional probability based on the results of the Monte Carlo …
Exchange organizations may use the Journaling Agent of the Transport Service to archive messages going through Exchange. However, if the Transport Service is integrated with some email content management application (such as an antispam), the admini…

770 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question