Phone Get Quote
US: +1 888 720 9500
US: +1 888 791 1189
Intl: +1 925 924 9500
Aus: +1 800 631 268
UK: 0800 028 6590
CN: +86 400 660 8680

Direct Inward Dialing: +1 408 916 9892


FAQ for Windows servers08/05/2018

  1. To verify if the desired audit policies and security log settings are configured: 

    Log in to any computer that has the GPMC with Domain Admin credentials. Open the GPMC, right-click Group Policy Results, and open the Group Policy Results Wizard. Select the computer and user (current user), then verify if the desired settings as defined in step 2.2 are configured.

  2. To verify if the desired events are getting logged:

    Log in to any computer with Domain Admin credentials. Open Run, then type “eventvwr.msc”. Right-click on Event Viewer. Connect to the target computer, then verify if events corresponding to the configured audit policies are getting logged. For example, event ID 4768 should get logged when Success audit events is configured under the Audit Kerberos Authentication Service Subcategory, under the Account Logon Category (refer to step 2.2.1).

ADAudit Plus Trusted By