auditing logon failures



I am currently not auditing anything. I also do not have
any auditing setup on my domain controllers.

Since I have not set up any auditing anywhere, can someone
please tell me why in my security event log that I am
seeing audit failure events?

Is there another place to set up auditing that I am not
aware of?

When I do modify the default domain policy to audit
success and failures of log on attempts, I still only
recieve audit failures in my security logs. It is as if
there is a policy that is overriding the default domain

Herb Martin

There are two default policies that affect the DCs.

Default Domain policy
Default Domain Controller Policy (on their OU)

Either of these or policies you added in either place
(or theorectically on Sites in Sites & Services)

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question