Microsoft KB Archive/232714

= HOW TO: How to Enable Auditing of Directory Service Access =

Article ID: 232714

Article Last Modified on 2/26/2007

-

APPLIES TO


 * Microsoft Windows 2000 Server
 * Microsoft Windows 2000 Advanced Server
 * Microsoft Windows 2000 Datacenter Server

-



This article was previously published under Q232714





IN THIS TASK
SUMMARY
 * Enable Auditing of Active Directory



SUMMARY
This step-by-step article describes how to enable auditing of Active Directory.

Administrators can monitor access to Active Directory, causing successful and "failed" access events to be logged in the Directory Service event log. This event log is present only on Windows 2000 domain controllers.

back to the top

Enable Auditing of Active Directory
To enable auditing of Active Directory:
 * 1) Start the Active Directory Users and Computers snap-in by clicking Start, pointing to Programs, and then pointing to Administrative Tools.
 * 2) On the View menu, click Advanced Features.
 * 3) Right-click the Domain Controllers container, and then click Properties.
 * 4) Click the Group Policy tab.
 * 5) Click Default Domain Controller Policy, and then click Edit.
 * 6) Double-click the following items to open them: Computer Configuration, Windows Settings, Security Settings, Local Policies, Audit Policy.
 * 7) In the right pane, open Audit Directory Services Access.
 * 8) Click the appropriate option(s): Audit Successful Attempts and/or Audit Failed Attempts.
 * 9) Open the Security Log to view logged events.

NOTE: In Windows 2000, domain controllers poll for policy changes every five minutes. Other domain controllers in the enterprise receive the changes at this interval plus the time of replication.

back to the top

Keywords: kbenv kbhowto kbhowtomaster KB232714

-

[mailto:TECHNET@MICROSOFT.COM Send feedback to Microsoft]

© Microsoft Corporation. All rights reserved.