Configure audit policies for DCs on server 2008

<< Display table of contents >>

Navigation:  Start > Install & Config > Configure scans and logga > Configure Active Directory (AD) Logga > Enable monitoring for the AD Logga > Configure audit policies for domain controllers (DCs) >

Configure audit policies for DCs on server 2008

Before configuring audit policies you should verify that all required categories are activated.

You can activate the required audit policies by running the following commands on every DC with admin rights:


For "Monitor policy changes":


auditpol /set /subcategory:{0CCE922F-69AE-11D9-BED3-505054503030} /success:enable


For "Directory service changes":


auditpol /set /subcategory:{0CCE923C-69AE-11D9-BED3-505054503030} /success:enable


For "Managing User Accounts", "Managing computer accounts", "Managing security groups", "Managing distribution groups", "Managing application groups" and "other account management events":


auditpol /set /subcategory:{0CCE9235-69AE-11D9-BED3-505054503030} /success:enable

auditpol /set /subcategory:{0CCE9236-69AE-11D9-BED3-505054503030} /success:enable

auditpol /set /subcategory:{0CCE9237-69AE-11D9-BED3-505054503030} /success:enable

auditpol /set /subcategory:{0CCE9238-69AE-11D9-BED3-505054503030} /success:enable

auditpol /set /subcategory:{0CCE9239-69AE-11D9-BED3-505054503030} /success:enable

auditpol /set /subcategory:{0CCE923A-69AE-11D9-BED3-505054503030} /success:enable



Repeat this process for every DC!