Auditing user logins

J

Jim

What is the best way to go about auditing user logins for
specific users?

I've looked at the domain security policy and domain
controller security policy and turned on all the auditing
but that doesn't appear to be what I'm looking for as I
dont get any event log entries for users but I get alof
of computer authentications instead.

TIA
 
B

Brian Desmond [MVP]

Jim-

You can't get the granularity of specific accounts, at present at least.
Take a look at the security audit settings in your default domain policy.
You need to turn on user logon audits.

--
--
Brian Desmond
Windows Server MVP
(e-mail address removed)12.il.us

Http://www.briandesmond.com
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

User auditing 2
Domain Security Policy vs. OU specific Policy 1
Effect of auditing SYSVOL directory? 1
local polcy does not get effective 3
Security Auditing 1
Password policy + last user name 2
Account management events audit !! 2
Auditing / Event Log Entries... 4

Top