Domain Security Policy

[Guest]

On Win2K Server, I have enabled some of the Audit Policies under Local
Policies in Domain Security Policy. How can I audit them? Do they get logged
in event viewer?

How can I audit, if a user was added, deleted or its group membership was
changed? And who changed it?

 

[Arc J. Thames]

All security audit events end up in the "Security Log" in event viewer.
For auditing account adds/deletes...audit "Account Management" events.

Arc
MCSE/MCSA 2k/2k3, MCT

 

[Guest]

Thanks Arc
I do have "Audit Account Management" enabled for Sucess and Failure for a
while. I created 2 new uses but I don't see any log in Security events. What
could be wrong?