- Active Directory
- active directory group policy
GPO settings aren't applied 100%
I'm developing a GPO that will set Audit Policies.
I've read a few things and have followed various suggestions from https://helpcenter.netwrix.com/Configure_IT_Infrastructure/Windows_Server/WS_Local_Policies.html
I *have* noted that Advanced Audit Policy Configuration \ System Audit Policies - Local Group Policy Object says:
gpresult /scope:computer /r says the GPO has been applied.
And, I see that this one rerquired setting above is grayed out and Enabled. That's what I might expect.
But the remaining settings in Advanced Audit Policy Configuration \ System Audit Policies - Local Group Policy Object are NOT set.
That's puzzling.
Any suggestions would be appreciated!
Just for reference, if there's a better way, all I really want to do is to "reasonably" replace the following script with a GPO:
I've read a few things and have followed various suggestions from https://helpcenter.netwrix.com/Configure_IT_Infrastructure/Windows_Server/WS_Local_Policies.html
I *have* noted that Advanced Audit Policy Configuration \ System Audit Policies - Local Group Policy Object says:
When Advanced Audit Policy Configuration settings are used, the "Audit" Force audit policy subcategory settings (Windows Vista or later) to override audit policy category settings" policy setting under Local Policies \Security Options must also be enabled.and have Enabled it in the GPO.
gpresult /scope:computer /r says the GPO has been applied.
And, I see that this one rerquired setting above is grayed out and Enabled. That's what I might expect.
But the remaining settings in Advanced Audit Policy Configuration \ System Audit Policies - Local Group Policy Object are NOT set.
That's puzzling.
Any suggestions would be appreciated!
Just for reference, if there's a better way, all I really want to do is to "reasonably" replace the following script with a GPO:
auditpol /set /category:"Account Logon" /failure:enable /success:enable
auditpol /set /category:"Account Management" /failure:enable /success:enable
auditpol /set /category:"DS Access" /failure:enable /success:enable
auditpol /set /category:"Logon/Logoff" /failure:enable /success:enable
auditpol /set /category:"Object Access" /failure:enable /success:enable
auditpol /set /category:"Policy Change" /failure:enable /success:enable
auditpol /set /category:"Privilege Use" /failure:enable /success:enable
auditpol /set /category:"Detailed Tracking" /failure:enable /success:enable
auditpol /set /category:"System" /failure:enable /success:enable
auditpol /set /subcategory:"Filtering Platform Connection" /success:disable /failure:enable
Can you see the configured items in the Settings tab in GPMC?
If not, please see this link:
https://www.experts-exchange.com/questions/29174723/File-Share-Policy-in-Advanced-Audit-Configuration-not-applying.html
If not, please see this link:
https://www.experts-exchange.com/questions/29174723/File-Share-Policy-in-Advanced-Audit-Configuration-not-applying.html
Create a NEW GPO and configure the audit settings you want. The following lisk has an example. Note that it shows VERY POOR practice of editing the default domain policy.
https://manuals.gfi.com/en/esm2013administrator/content/acm/topics/config/enablingauditviagpo.htm
https://manuals.gfi.com/en/esm2013administrator/content/acm/topics/config/enablingauditviagpo.htm
kevinhsieh: Well, I did create a new GPO for this. But before I can test it, the "Link an existing GPO" menu item on the OU right click menu is missing.
The reason it was missing was only because of the View mode selected. I'm not sure how it got that way but it's resolved now.
Anyway, I've gotten past this. There's a new GPO.
It appears that gpedit.msc does NOT reflect the actual settings. And, that's where I've been looking.
But, command line auditpol DOES it seems and I can see the settings that have been made.
Thanks all!!
Anyway, I've gotten past this. There's a new GPO.
It appears that gpedit.msc does NOT reflect the actual settings. And, that's where I've been looking.
But, command line auditpol DOES it seems and I can see the settings that have been made.
Thanks all!!
Explore More ContentExplore courses, solutions, and other research materials related to this topic.
-
![]()
received a Solution
GPO applied to a computer OU which overrides a GPO applied to a User OU -
![]()
wrote an Article
![]()
Improve website response times easily with DNS Settings
-
![]()
created a Video
![]()
Windows 10 - Join the Insider Preview
-
Explore Cloud Class® ![]()
What’s New in Windows 10
