Solved

Unable to set audit policy

Posted on 2016-09-21
4
30 Views
Last Modified: 2016-09-27
Hi, Help I am trying to set Account Management subcategories Audit Policies from a command prompt using the an auditpol batch file. I run the CMD prompt as local administrator and for each audit policy in the batch file I get the following error;
"Error 0x00000522 occurred:
A required privilege is not held by the client."

example  command Auditpol /set /category:"Account Management" /subcategory:"User Account Management" /success:enable

The OS is Windows Server 2008 SP2
I am logging on with local admin
The server is not on a domain
Audit-Pol-Command-Prompt-text.txt
0
Comment
Question by:EL Gato
  • 2
  • 2
4 Comments
 
LVL 53

Assisted Solution

by:McKnife
McKnife earned 500 total points
ID: 41809290
Hi.

Let's follow the error message. The privilege that it's talking about might be
Manage auditing and security log

This security setting determines which users can specify object access auditing options for individual resources, such as files, Active Directory objects, and registry keys.

This security setting does not allow a user to enable file and object access auditing in general. For such auditing to be enabled, the Audit object access setting in Computer Configuration\Windows Settings\Security Settings\Local Policies\Audit Policies must be configured.

Find it in secpol.msc - local policies - user rights assignment
1
 

Accepted Solution

by:
EL Gato earned 0 total points
ID: 41810738
I created a group and named it Auditors, added Administrator account to the Auditors group. then in Local Security Policy> Local Policies> User Rights Assignment> Manage auditing and security log, I added the Auditors group. This worked like a charm however, I don't understand why it would not work when the Administrators group had permissions to "Manage auditing and security log" it only worked when Auditors group had permissions to "Manage auditing and security log". Things that make you go Hmmm.
0
 
LVL 53

Expert Comment

by:McKnife
ID: 41810898
Reason: Could it be that you didn't elevate the command prompt? Only an elevated command prompt will really treat you as an admin.
0
 

Author Closing Comment

by:EL Gato
ID: 41817539
Thanks to McKnife for putting me on the right trail. The key seemed to be creating a group called Auditors and adding admins to that group once the group was added to Manage auditing and security log the script ran without an error.
0

Featured Post

The curse of the end user strikes again      

You’ve updated all your end user’s email signatures. Hooray! But guess what? They’re playing around with the HTML, adding stupid taglines and ruining the imagery. Find out how you can save your signatures from end users today.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

NTFS file system has been developed by Microsoft that is widely used by Windows NT operating system and its advanced versions. It is the mostly used over FAT file system as it provides superior features like reliability, security, storage, efficienc…
When you start your Windows 10 PC and got an "Operating system not found" error or just saw  "Auto repair for startup" or a blinking cursor with black screen. A loop for Auto repair will start but fix nothing.  You will be panic as there are no back…
As developers, we are not limited to the functions provided by the VBA language. In addition, we can call the functions that are part of the Windows operating system. These functions are part of the Windows API (Application Programming Interface). U…
With the advent of Windows 10, Microsoft is pushing a Get Windows 10 icon into the notification area (system tray) of qualifying computers. There are many reasons for wanting to remove this icon. This two-part Experts Exchange video Micro Tutorial s…

920 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

13 Experts available now in Live!

Get 1:1 Help Now