Solved

Service connection point Object creation/deletion is not audited in Active Directoty

Posted on 2014-03-31
5
72 Views
Last Modified: 2015-06-24
Hi,
I am trying to audit creation/deletion/update of service connection point type objects in an specific OU and sub OU's in AD. Attached is the snapshot of audit policy I have applied on OU. But I do not see any events in security events log on the DC. Can any one tell me what I am doing wrong or what else needs to be done to enable audit on all object in certain OU in AD?
Policy.JPG
0
Comment
Question by:SRao123
  • 2
5 Comments
 
LVL 35

Accepted Solution

by:
Mahesh earned 500 total points
ID: 39966030
What your screen shot showing is you have enabled auditing of file folder access

If you wanted to audit SCP related changes, then you must enable Audit directory service access for failure and success in default domain controller policy, then it will populate logs in security event logs on DC server

Also you will get some information in Directory service event logs on domain controller

Mahesh.
0
 
LVL 1

Author Comment

by:SRao123
ID: 39966043
We have DS auditing on success enabled, as in attached snapshot. Will that be enough or we need to make some other changes?
policy2.JPG
0
 
LVL 35

Expert Comment

by:Mahesh
ID: 39966194
That right
You need to select failure as well
0
 
LVL 34

Expert Comment

by:Seth Simmons
ID: 40848205
This question has been classified as abandoned and is closed as part of the Cleanup Program. See the recommendation for more details.
0

Featured Post

How to improve team productivity

Quip adds documents, spreadsheets, and tasklists to your Slack experience
- Elevate ideas to Quip docs
- Share Quip docs in Slack
- Get notified of changes to your docs
- Available on iOS/Android/Desktop/Web
- Online/Offline

Join & Write a Comment

OfficeMate Freezes on login or does not load after login credentials are input.
The recent Microsoft changes on update philosophy for Windows pre-10 and their impact on existing WSUS implementations.
To efficiently enable the rotation of USB drives for backups, storage pools need to be created. This way no matter which USB drive is installed, the backups will successfully write without any administrative intervention. Multiple USB devices need t…
This tutorial will walk an individual through setting the global and backup job media overwrite and protection periods in Backup Exec 2012. Log onto the Backup Exec Central Administration Server. Examine the services. If all or most of them are stop…

706 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

20 Experts available now in Live!

Get 1:1 Help Now