?
Solved

Service connection point Object creation/deletion is not audited in Active Directoty

Posted on 2014-03-31
5
Medium Priority
?
105 Views
Last Modified: 2015-06-24
Hi,
I am trying to audit creation/deletion/update of service connection point type objects in an specific OU and sub OU's in AD. Attached is the snapshot of audit policy I have applied on OU. But I do not see any events in security events log on the DC. Can any one tell me what I am doing wrong or what else needs to be done to enable audit on all object in certain OU in AD?
Policy.JPG
0
Comment
Question by:SRao123
  • 2
4 Comments
 
LVL 38

Accepted Solution

by:
Mahesh earned 2000 total points
ID: 39966030
What your screen shot showing is you have enabled auditing of file folder access

If you wanted to audit SCP related changes, then you must enable Audit directory service access for failure and success in default domain controller policy, then it will populate logs in security event logs on DC server

Also you will get some information in Directory service event logs on domain controller

Mahesh.
0
 
LVL 1

Author Comment

by:SRao123
ID: 39966043
We have DS auditing on success enabled, as in attached snapshot. Will that be enough or we need to make some other changes?
policy2.JPG
0
 
LVL 38

Expert Comment

by:Mahesh
ID: 39966194
That right
You need to select failure as well
0
 
LVL 36

Expert Comment

by:Seth Simmons
ID: 40848205
This question has been classified as abandoned and is closed as part of the Cleanup Program. See the recommendation for more details.
0

Featured Post

Free learning courses: Active Directory Deep Dive

Get a firm grasp on your IT environment when you learn Active Directory best practices with Veeam! Watch all, or choose any amount, of this three-part webinar series to improve your skills. From the basics to virtualization and backup, we got you covered.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Group policies can be applied selectively to specific devices with the help of groups. Utilising this, it is possible to phase-in group policies, over a period of time, by randomly adding non-members user or computers at a set interval, to a group f…
How to deal with a specific error when using the Enable-RemoteMailbox cmdlet to create a mailbox in the cloud-based service, for an existing user in an on-premises Active Directory.
This tutorial will show how to configure a new Backup Exec 2012 server and move an existing database to that server with the use of the BEUtility. Install Backup Exec 2012 on the new server and apply all of the latest hotfixes and service packs. The…
There are cases when e.g. an IT administrator wants to have full access and view into selected mailboxes on Exchange server, directly from his own email account in Outlook or Outlook Web Access. This proves useful when for example administrator want…
Suggested Courses

862 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question