Lepide Help Center

What configurations are required to audit a domain in Active Directory and Group Policy?

Lepide Support -

LepideAuditor Suite automatically makes configurations in Active Directory and Group Policy while adding a domain. If you come across an error or issue during the process, enable the auditing manually at the domain.

Please refer to the guide to enable auditing manually to know the steps in detail.

The following group policies are enabled for both successful and failure events in “Audit Policy” under “Local Policies” in the Default Domain Controller Policy for all Windows Server operating systems.

  1. Audit account logon events
  2. Audit Account Management
  3. Audit directory service access

The following Advanced Audit Group Policies are enabled for both successful and failure events.

  1. Account Logon
  2. Account Management
  3. Directory Service Access
  4. Logon/Logoff
  5. Object Access
  6. Policy Change

For Windows Server 2008 R2 or higher versions, the policies in above categories are enabled for both successful and failure events.

Auditing of the following root nodes of ADSIEdit.MSC are enabled for “Everyone” or for a specified user.

  1. “DC=www,DC=domain,DC=com”of “Default Naming Context”
  2. “CN=Configuration,DC=www,DC=domain,DC=com” of “Configuration”
  3. “RootDSE” of “RootDSE”
  4. “CN=Schema,CN=Configuration,DC=www,DC=domain,DC=com” of “Schema”
Have more questions? Submit a request

0 Comments

Article is closed for comments.
Powered by Zendesk