Answer the question
In order to leave comments, you need to log in
C
C
Crovax2017-03-28 08:44:31
Crovax, 2017-03-28 08:44:31
Why are there no audit events in the Security log?
Good afternoon.
There are 3 domain controllers on Windows Server 2012R2.
Yesterday, suddenly, they stopped being written to the Security log of the user login audit event.
After a little investigation, it turned out that these events had not been recorded at one of the DCs for a week and a half. I can’t say for sure whether this is a failure or whether users simply did not log in through this DC.
The corresponding policy settings are in the Default Domain Controllers Policy.
On the Internet, I did not find information on such a problem.
Please help if anyone has any ideas.
2 answer(s)
@Crovax
@AxianLTD
C
Crovax, 2017-03-28 @Crovax
Solved a problem.
Used policy setting 1 instead of 2.
Although before everything worked with setting 2.
Axian, I did not see it. Looked. Deleting audit.csv did not solve the problem.
A
Axian Ltd., 2017-03-28 @AxianLTD
https://www.petri.com/forums/forum/server-operatin...
https://blogs.msdn.microsoft.com/spatdsg/2011/06/0...
https://social.technet. microsoft.com/Forums/window...
Have you seen it?
Similar questions
D
Dmitry2017-08-21 18:43:01
How to fix the error PG::ConnectionBad could not connect to server?
3Reply
T
M
I
Didn't find what you were looking for?
Ask your questionAsk a Question
731 491 924 answers to any question