Solved

DC not showing failed logon attempts

Posted on 2014-12-15
2
175 Views
Last Modified: 2014-12-16
I have a domain controller that is 2008 R2 and I can't seem to get it to show the failed login attempts in the eventviewer.  Any suggestions on what I might be missing.   It shows the successful ones ......


Thanks .
0
Comment
Question by:jtbrown1111
2 Comments
 
LVL 6

Accepted Solution

by:
oferam earned 500 total points
ID: 40501362
Through the "Group Policy Management" you should edit the "Default Domain Controllers Policy" to include failed logon events.

Right click that policy - Choose edit... and navigate to:
Policies --> Windows settings --> Security Settings --> Local Policies --> Audit Policy

The are two relevant definitions overs there:
1) audit account logon events
2) audit logon events

Make sure those include failed as well.
0
 

Author Closing Comment

by:jtbrown1111
ID: 40503776
Thanks ....  This worked
0

Featured Post

Best Practices: Disaster Recovery Testing

Besides backup, any IT division should have a disaster recovery plan. You will find a few tips below relating to the development of such a plan and to what issues one should pay special attention in the course of backup planning.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article explains how to install and use the NTBackup utility that comes with Windows Server.
This article describes my battle tested process for setting up delegation. I use this process anywhere that I need to setup delegation. In the article I will show how it applies to Active Directory
This tutorial will walk an individual through the steps necessary to configure their installation of BackupExec 2012 to use network shared disk space. Verify that the path to the shared storage is valid and that data can be written to that location:…
Attackers love to prey on accounts that have privileges. Reducing privileged accounts and protecting privileged accounts therefore is paramount. Users, groups, and service accounts need to be protected to help protect the entire Active Directory …

726 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question