1. I have a legacy audit policy applying from domain policy that configures Object Access auditing:
2. I have advanced audit configuration applying from domain policy that sets AD changes, account lockouts, and logons:
3. I have advanced audit configuration applying from local policy for process startup and termination:
4. I have granular audit settings configured using auditpol.exe /set for file share access:
auditpol.exe /get /category:*
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.