auditing logon failures

  • Thread starter Thread starter David
  • Start date Start date
D

David

I am currently not auditing anything. I also do not have
any auditing setup on my domain controllers.

Since I have not set up any auditing anywhere, can someone
please tell me why in my security event log that I am
seeing audit failure events?

Is there another place to set up auditing that I am not
aware of?

When I do modify the default domain policy to audit
success and failures of log on attempts, I still only
recieve audit failures in my security logs. It is as if
there is a policy that is overriding the default domain
policy.
 
There are two default policies that affect the DCs.

Default Domain policy
Default Domain Controller Policy (on their OU)

Either of these or policies you added in either place
(or theorectically on Sites in Sites & Services)
 
Back
Top