asked on GPO settings aren't applied 100%
I'm developing a GPO that will set Audit Policies.
I've read a few things and have followed various suggestions from https://helpcenter.netwrix.com/Configure_IT_Infrastructure/Windows_Server/WS_Local_Policies.html
I *have* noted that Advanced Audit Policy Configuration \ System Audit Policies - Local Group Policy Object says:
gpresult /scope:computer /r says the GPO has been applied.
And, I see that this one rerquired setting above is grayed out and Enabled. That's what I might expect.
But the remaining settings in Advanced Audit Policy Configuration \ System Audit Policies - Local Group Policy Object are NOT set.
That's puzzling.
Any suggestions would be appreciated!
Just for reference, if there's a better way, all I really want to do is to "reasonably" replace the following script with a GPO:
I've read a few things and have followed various suggestions from https://helpcenter.netwrix.com/Configure_IT_Infrastructure/Windows_Server/WS_Local_Policies.html
I *have* noted that Advanced Audit Policy Configuration \ System Audit Policies - Local Group Policy Object says:
When Advanced Audit Policy Configuration settings are used, the "Audit" Force audit policy subcategory settings (Windows Vista or later) to override audit policy category settings" policy setting under Local Policies \Security Options must also be enabled.and have Enabled it in the GPO.
gpresult /scope:computer /r says the GPO has been applied.
And, I see that this one rerquired setting above is grayed out and Enabled. That's what I might expect.
But the remaining settings in Advanced Audit Policy Configuration \ System Audit Policies - Local Group Policy Object are NOT set.
That's puzzling.
Any suggestions would be appreciated!
Just for reference, if there's a better way, all I really want to do is to "reasonably" replace the following script with a GPO:
auditpol /set /category:"Account Logon" /failure:enable /success:enable
auditpol /set /category:"Account Management" /failure:enable /success:enable
auditpol /set /category:"DS Access" /failure:enable /success:enable
auditpol /set /category:"Logon/Logoff" /failure:enable /success:enable
auditpol /set /category:"Object Access" /failure:enable /success:enable
auditpol /set /category:"Policy Change" /failure:enable /success:enable
auditpol /set /category:"Privilege Use" /failure:enable /success:enable
auditpol /set /category:"Detailed Tracking" /failure:enable /success:enable
auditpol /set /category:"System" /failure:enable /success:enable
auditpol /set /subcategory:"Filtering Platform Connection" /success:disable /failure:enable
Windows 10Windows Server 2019* auditing* gp1Active Directory
Last Comment
hypercube
ASKER
Hello There: Thanks! Yes. One can see them listed there.
ASKER CERTIFIED SOLUTION
THIS SOLUTION ONLY AVAILABLE TO MEMBERS.
View this solution by signing up for a free trial.
Members can start a 7-Day free trial and enjoy unlimited access to the platform.
ASKER
kevinhsieh: Well, I did create a new GPO for this. But before I can test it, the "Link an existing GPO" menu item on the OU right click menu is missing.
ASKER
The reason it was missing was only because of the View mode selected. I'm not sure how it got that way but it's resolved now.
Anyway, I've gotten past this. There's a new GPO.
It appears that gpedit.msc does NOT reflect the actual settings. And, that's where I've been looking.
But, command line auditpol DOES it seems and I can see the settings that have been made.
Thanks all!!
Anyway, I've gotten past this. There's a new GPO.
It appears that gpedit.msc does NOT reflect the actual settings. And, that's where I've been looking.
But, command line auditpol DOES it seems and I can see the settings that have been made.
Thanks all!!
ASKER
Thanks again!!
If not, please see this link:
https://www.experts-exchange.com/questions/29174723/File-Share-Policy-in-Advanced-Audit-Configuration-not-applying.html