Active Directory How-To pages

Active Directory Auditing Tool

Get comprehensive reports on all logon failures with details on reason for
logon failure as well

Get Your Free Trial Free, fully functional 30-day trial
Active Directory Auditing Tool

The Who, Where and When information is very important for an administrator to have complete knowledge of all activities that occur on their Active Directory. This helps them identify any desired / undesired activity happening. ADAudit Plus assists an administrator with this information in the form of reports. In real-time, ensure critical resources in the network like the Domain Controllers are audited, monitored and reported with the entire information on AD objects - Users, Groups, GPO, Computer, OU, DNS, AD Schema and Configuration changes with 200+ detailed event specific GUI reports and email alerts.

Get comprehensive reports on all logon failures with details on reason for
logon failure as well

Account Management » Active Directory How-To pages

How to enable auditing for logon failure?

  • Logon to your domain controller with administrative privileges and launch the Group Policy Management console.
  • Right-click the appropriate Group Policy Object linked to the Domain Controllers container and select Edit.
  • Expand the Computer Configuration → Windows Setting → Security Settings → Local Policies → Audit Policy node.
  • Configure audit policies as follows:
    • Account Management: Success
    • Audit account logon events: Failure
    • Audit logon events: Failure

    how-to-enable-auditing-for-logon-failure

It will take a few minutes for the changes to take effect, and other domain controllers will receive the change at the next regular replication interval.