Skip navigation
Menu
Compute Engines

JSI Tip 9584. How can I audit account management events?


Accounts management events include the creation, deletion, and modification of an account, as well as renaming, disabling, and enabling an account, and the setting or changing of a password.

You can use Group Policy to specify whether to audit all activity, or just successes, or just failures.

To enable account management auditing:

1. In the Group Policy Editor, navigate to
Computer Configuration\Windows Settings\Security Settings\Local Policies\Audit Policy.

2. in Audit account management, check the Define these policy settings box.

3. Check the Success and / or Failure boxes.

4. Press Apply and OK.

NOTE: If you subsequently want to disable auditing, clear the Success and Failure boxes.



Hide comments

More information about text formats

Comments

  • Allowed HTML tags: <em> <strong> <blockquote> <br> <p>

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.
Publish
Recommended Reading
empty cockpit of autonomous car
What Is a Real-Time Operating System, and Who Needs One?
Mar 05, 2024
ERP button on keyboard
5 ERP Trends to Watch in 2024
Jan 17, 2024
automation key on keyboard
Storage Management as a Case Study for Network Automation Adoption
Dec 21, 2023
Abstract technology concept lighting effect on dark blue background
Top 10 Stories About Compute Engines, Linux in 2023
Dec 18, 2023