No announcement yet.

Audit policy

  • Filter
  • Time
  • Show
Clear All
new posts

  • Audit policy


    I'm a happy user of Hyena, but my tecnical people don't use it :-(

    If I right-click on a domain i Hyena I can choose "Audit Policy"
    That show that "Logon and Logoff" and "Privileged logons (kerberos) only are logged on failure.
    Same thing happens if I rightclick on one of the domain controllers.

    Now - I want the event to be logged and the technical peopel says that it is.
    The look on a domain policy (GPO) and the settings here is on.

    If I look on a workstation the eventID 528 and 540 is logged local on the workstation but I want it logged on the domaincontrollers security event log.

    So my question is:
    When I right-click on the domain and can see the settings not been set, where in "Active Directory users and computers" do I change that setting?
    The easy way is to change in Hyena, but it's political for the technical gyes :-(

  • #2
    Re: Audit policy

    I believe you can right-click on your domain in ADU&C and choose Properties, then go to the Group Policy tab and click Open. From there you should have a Default Domain Controllers Policy, then Security Settings, then Local Policies/Audit Policy.


    • #3
      Re: Audit policy

      It fixed now.
      There are differences between "Audit logon events" and "Audit account logon events"
      and they have to be set on both
      "Default Domain Policy" and "Default Domain Controllers Policy"

      Thx anyway.