Re: Auditing Account Logons
From: Roger Abell (mvpNOSpam_at_asu.edu)
Date: 02/20/05
- Previous message: Will Wally: "Auditing Account Logons"
- In reply to: Will Wally: "Auditing Account Logons"
- Next in thread: Will Wally: "Re: Auditing Account Logons"
- Reply: Will Wally: "Re: Auditing Account Logons"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Sun, 20 Feb 2005 05:59:16 -0700
Are you seeing this when viewing the security logs while logged
into a domain controller, or a workstation?
How many domains are involved here? All in one forest ?
-- Roger Abell Microsoft MVP (Windows Security) MCSE (W2k3,W2k,Nt4) MCDBA "Will Wally" <nomail@nomail.net> wrote in message news:uvmnv1sFFHA.936@TK2MSFTNGP12.phx.gbl... > I need to audit when a user logs on to the domain from a workstation. In the > Domain Controller policy, I enabled "Audit Account Logon Events > (success/failure)" and "Audit Logon Events (success/failure)" under Conputer > Configuration > Windows Settings > Security Settings > Local Policies > > Audit Policy. It seems to be working, but the security logs don't show what > workstation they are logging in from. They show a Workstation GUID, but no > workstation name. How do I get it to show which workstations the users are > logging in from? > >
- Previous message: Will Wally: "Auditing Account Logons"
- In reply to: Will Wally: "Auditing Account Logons"
- Next in thread: Will Wally: "Re: Auditing Account Logons"
- Reply: Will Wally: "Re: Auditing Account Logons"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
