Re: Turn Off User Logging (Event Log)

From: Nick Wilson (nfwilson@hotmail.com)
Date: 02/12/03 

From: "Nick Wilson" <nfwilson@hotmail.com>
Date: Wed, 12 Feb 2003 13:57:17 -0500

Thanks for your suggestion Scott -- I did tried this, yet it appears the
successful logons are still being logged in eventvwr .. I think I will have
to see if there actually is a domain wide policy in place though. I am at a
loss to explain otherwise though..

- Nick

"Scott Schreckengaust" <scott.schreckengaust@aspentech.com> wrote in message
news:#zmajGs0CHA.2184@TK2MSFTNGP09...
> Start > Programs > Administrative Tools > Local Security Policy > Audit
> Policy
>
> look at the "Audit account logon events" and "Audit logon events"
> only do "Failure" since hopefully most will successfully logon...
>
> I believe Domain policies will override the local policies though...
>
> "Nick Wilson" <nfwilson@hotmail.com> wrote in message
> news:OPpU7ar0CHA.1288@TK2MSFTNGP11...
> > Hi there, this may seem to be a weird question, but I'll ask it anyways.
I
> > have an internal website that leverages NTLM authentication (CMServer
site
> > enabled) Every user is forced to go to this page each morning when they
> > logon. My issue though is that I would like to turn off the event
logging
> > that is done in the security logs for each user accessing this
webserver.
> I
> > don't need to see that users are succesully logging in at all (the
> security
> > event log is rather cumbersome to extract anythig useful out of it)
Since
> > IIS is logging as well, I think that this is kind of redudant. However I
> > can't seem to find a policy (either domain or local) that is dictating
> that
> > this shuld be logged. I have also not found any audit polices on the
> server
> > itself for the directories that users are accessing for web content. Any
> > ideas? To me, writing an 3 events every second has to be taking a hit on
> the
> > server at some point. Let me know what your thoughts are though. Thx.
> >
> > - Nick Wilson
> > nfwilson@hotmail.com
> >
> >
>
>

Relevant Pages

  • Audit Account Logon Events
    ... and we're trying to get successful audits of our user logon failures. ... Policies/Audit Policy/Audit account logon events: ... Even though we have this policy in place, ...
    (microsoft.public.win2000.security)
  • Re: Audit Account Logon Events
    ... I thought logon success/failure was only logged on the computer you're ... > and we're trying to get successful audits of our user logon failures. ... > following policy was changed at the default GPO: ... > logging the logon events for either successes or failures. ...
    (microsoft.public.win2000.security)
  • Re: Can not connect
    ... Be sure to look at the policy and make sure that the logon locally option ... This would keep you from logging in. ...
    (microsoft.public.win2000.security)
  • RE: Cant set Local Security policies. They fail to save
    ... predefined Security Template on SBS 2003 to restore security groups ... run "gpupdate.exe /force" under command prompt to force the policy ... reboot the Server to test. ... and then logon to client computer to test if user can save system logs. ...
    (microsoft.public.windows.server.sbs)
  • RE: Event ID 537 and Kerberos
    ... a logon type of 3 translates to Network. ... Click Services tab and select Hide All Microsoft Services and Disable ... Step 4: Configure account lockout policy. ... and then click Account Lockout Policy. ...
    (microsoft.public.windows.server.sbs)