none
W2008 R2 is not applying Domain Audit Policy or Domain Controller Audit policy

    Question

  • The situation is this

    After enabling Advance Audit Policy on the Domain Controllers OU, one of the DCs does not apply the Domain Controllers Audit Policy (every other DCs in the OU does it) and after a quick check, doesn’t apply the Domain Audit policy neither

    We have tried already:

    1. Disabling the Advance Audit policy and return to the Basic Audit with no results
    2. Deleting Audit.csv files to “refresh” the Audit settings, after Auditpol /clear, with no results
    3. Stick with the Advacne Audit policy, and force the subcategory settings on the trouble server performing a Auditpol /restore from one of the functioning servers.

    After the attempt 3, the trouble server took the correct subcategory audit configuration but it “seems” to be “offline”, as when performing any change to the Advance Audit settings from the GPO interface , the change doesn’t replicate in the trouble Server.

    According to gpresult, the trouble server has not Advance audit policy enabled, when the Advance Audit policy in the Domain Controllers OU is enabled by the DC Audit policy.

    Now, another strange thing is, when accessing the local policies (gpedit.msc), the Basic audit local policy is configured as it was in an older version of the Domain Audit policy and cannot be change by any means.

    Any idea what else I can do to bring this server from its “offline” Audit Status?

                    Thanks in advance

    S.Nicolazz


    PS: I have already applied a lot of suggestions already posted in this forum with no results.
    Tuesday, July 30, 2013 3:52 PM

All replies