Active Directory How-To pages

Active Directory Auditing Tool

Monitor all audit policy changes and get detailed reports on the old and new value of changed attribute,
who performed the change and when

Get Your Free Trial Free, fully functional 30-day trial
Active Directory Auditing Tool

The Who, Where and When information is very important for an administrator to have complete knowledge of all activities that occur on their Active Directory. This helps them identify any desired / undesired activity happening. ADAudit Plus assists an administrator with this information in the form of reports. In real-time, ensure critical resources in the network like the Domain Controllers are audited, monitored and reported with the entire information on AD objects - Users, Groups, GPO, Computer, OU, DNS, AD Schema and Configuration changes with 200+ detailed event specific GUI reports and email alerts.

Monitor all audit policy changes and get detailed reports on the old and new value of changed attribute,
who performed the change and when

Account Management » Active Directory How-To pages

How to view advanced audit policy configuration?

  1. Advanced auditing allows for more granular audit configuration, so that only events you are interested in capturing are written to the Event Log.
  2. The new settings can be found in Group Policy under:
    Computer Configuration\Policies\Security Settings\Advanced Audit Policy Configuration.
    The original audit settings can be found here:
    Security Settings\Local Policies\Audit Policy.
  3. Enable Audit: Force audit policy subcategory settings (Windows Vista or later) to override audit policy category settings in Group Policy to make sure that basic auditing is disabled.
  4. The setting can be found under
    ComputerConfiguration\Policies\Security Settings\Local Policies\Security Options, and sets the SCENoApplyLegacyAuditPolicyregistry key to prevent basic auditing being applied using Group Policy and the Local Security Policy MMC snap-in.
  5. Now that you’ve disabled basic auditing, you can navigate to the Advanced Audit Policy Configuration node and enable auditing for any of the subcategories. In the new advanced configuration there are four different account logon events that can be audited:
    • Audit Credential Validation
    • Audit Kerberos Authentication Service
    • Audit Kerberos Service Ticket Operations
    • Audit Other Account Logon Events

Explore Active Directory auditing and reporting with ADAudit Plus.

  • Enter your email id
    Please enter a valid email id
  • Enter your phone number
  • Select demo date
  • By clicking 'Schedule a personalized demo', you agree to processing of personal data according to the Privacy Policy. You can unsubscribe from our mails at anytime.
Account Management Auditing
Active Directory Auditing
Windows Server Auditing