|Guide for beginners and administrators|
Audit policy setup
Basic division into successful and unsuccessful tries
1. The administrative tool - "Local security policy" - from Start menu and
the option Local policy/ Audit policy
2. Run the MMC console and add a snap-in of the Group policy
Computer configuration - Windows system settings- Security settings -
Local policy - Audit policy
3. The two previous ways are only suitable for stand-alone member servers or stand-alone computers with Windows 2000 Professional (XP Professional). For administration within the domain and the controllers choose these administrative tools - "Domain security policy" or "Domain controllers security policy". Using this way, you setup the audit functions for more computers.
Successful and unsuccessful tries, Audit policy
Size of the security protocol is not unlimited
In case you setup higher amount of kinds of audit, the protocol gets quickly full and then the orientation gets worse.
The more unnecessary settings for the audit you allow, the more you waste the computer performance; in case of auditing all events, the loss of the performance could be noticeable.
Setting the audit on objects
1. Folders and Files
3. Objects of the Active Directory
Example of an audit event record
Event Type: Failure Audit
Print Print article | Recommend Send link
FAQ (Frequently Asked Questions)