How to enable audit policy in Windows Server 2012?
- Log on to your domain controller using an administrator account.
- Open the Active Directory Users and Computers snap-in.
- Right-click the container housing the domain controller and click Properties.
- Click the Group Policy tab, and then click Edit to modify the Default Domain Policy.
- In the Group Policy window, expand Computer Configuration, navigate to Windows Settings -→ Security Settings -→ Local Policies.
- Select Audit Policy.
- As an example, double-click Audit Directory Service Access policy andenabled or disabled successful or failed access attempts as needed.
- Click OK. It will take a few minutes for the change to take effect, and other domain controllers will receive the change at the next regular replication interval.