Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

Unable to set audit policy

Posted on 2016-09-21
4
Medium Priority
?
73 Views
Last Modified: 2016-09-27
Hi, Help I am trying to set Account Management subcategories Audit Policies from a command prompt using the an auditpol batch file. I run the CMD prompt as local administrator and for each audit policy in the batch file I get the following error;
"Error 0x00000522 occurred:
A required privilege is not held by the client."

example  command Auditpol /set /category:"Account Management" /subcategory:"User Account Management" /success:enable

The OS is Windows Server 2008 SP2
I am logging on with local admin
The server is not on a domain
Audit-Pol-Command-Prompt-text.txt
0
Comment
Question by:EL Gato
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
4 Comments
 
LVL 56

Assisted Solution

by:McKnife
McKnife earned 2000 total points
ID: 41809290
Hi.

Let's follow the error message. The privilege that it's talking about might be
Manage auditing and security log

This security setting determines which users can specify object access auditing options for individual resources, such as files, Active Directory objects, and registry keys.

This security setting does not allow a user to enable file and object access auditing in general. For such auditing to be enabled, the Audit object access setting in Computer Configuration\Windows Settings\Security Settings\Local Policies\Audit Policies must be configured.

Find it in secpol.msc - local policies - user rights assignment
1
 

Accepted Solution

by:
EL Gato earned 0 total points
ID: 41810738
I created a group and named it Auditors, added Administrator account to the Auditors group. then in Local Security Policy> Local Policies> User Rights Assignment> Manage auditing and security log, I added the Auditors group. This worked like a charm however, I don't understand why it would not work when the Administrators group had permissions to "Manage auditing and security log" it only worked when Auditors group had permissions to "Manage auditing and security log". Things that make you go Hmmm.
0
 
LVL 56

Expert Comment

by:McKnife
ID: 41810898
Reason: Could it be that you didn't elevate the command prompt? Only an elevated command prompt will really treat you as an admin.
0
 

Author Closing Comment

by:EL Gato
ID: 41817539
Thanks to McKnife for putting me on the right trail. The key seemed to be creating a group called Auditors and adding admins to that group once the group was added to Manage auditing and security log the script ran without an error.
0

Featured Post

Office 365 Training for Admins - 7 Day Trial

Learn how to provision tenants, synchronize on-premise Active Directory, implement Single Sign-On, customize Office deployment, and protect your organization with eDiscovery and DLP policies.  Only from Platform Scholar.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

When asking a question in a forum or creating documentation, screenshots are vital tools that can convey a lot more information and save you and your reader a lot of time
By default Outlook 2016 displays only one time zone in the Calendar. The following article explains how to display two time zones in one calendar view.
As developers, we are not limited to the functions provided by the VBA language. In addition, we can call the functions that are part of the Windows operating system. These functions are part of the Windows API (Application Programming Interface). U…
Windows 10 is mostly good. However the one thing that annoys me is how many clicks you have to do to dial a VPN connection. You have to go to settings from the start menu, (2 clicks), Network and Internet (1 click), Click VPN (another click) then fi…

670 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question