In this video i will show you how to enable Auditing of Active Directory Objects.
This exercise walks you through the steps you must take to implement auditing of Active Directory objects on domain controllers.
- Open the Domain Controller Security Policy tool (located in the Administrative tools program group).
- Expand Security Settings, Local Policies, Audit Policy.
- Double-click the Audit Directory Service Access policy.
- In the Audit Directory Service Access Properties dialog box, place a check mark next to the option for Define These Policy Settings, and check marks at Success and Failure. Click OK to save the settings.
- Expand Security Settings, Event Log to see the options associated with the event logs.
- Double-click the Maximum Security Log Size item in the right pane of the Domain Controller Security Policy tool, and set the value to 2048KB in the Maximum Security Log Size dialog box. Click OK.
- In the right pane of the Domain Controller Security utility, double-click the Retain Security Log item and specify that events should be overwritten after seven days in the Retain Security Log dialog box. Click OK. You will be notified that the Retention Method For Security Log option will also be changed. Click OK to accept the changes.
