Sign in
 
HomeWindows Server 2012Windows Server 2008 R2Windows Server 2003LibraryForums
Windows Server TechCenter >
Advanced Audit Policy Configuration settings doesn't show up in gpresult /H

Answered Advanced Audit Policy Configuration settings doesn't show up in gpresult /H

  • Monday, December 03, 2012 7:46 PM
     
     
    Sign In to Vote
    0

    Hello Folks,

    I have configured Advanced Audit Policy Configuration settings GPO and applied that to an OU which contains server objects.

    Now, how do I verify that, these settings are applicable on the servers ?

    When I ran gpresult /H on a sample server which has the GPO linked to it, I did not see those policy settings in the html file.

    Am I missing something basic here ? or is this a bug ?

    Thanks for any inputs.


     

All Replies

  • Tuesday, December 04, 2012 3:36 AM
    Moderator
     
     Answered
    Sign In to Vote
    1

    Hi,

    You should use the following command to check the details of advanced audit policy:
    auditpol.exe /get /category:*

    Please read "To verify that the advanced logon security audit policy settings were applied correctly" section of below aritcle:
    http://technet.microsoft.com/en-us/library/dd408940(v=ws.10).aspx

    Regards,
    Cicely

     
  • Tuesday, December 04, 2012 4:44 AM
     
     
    Sign In to Vote
    0

    Thanks Cicely.

    Using the command " auditpol.exe /get /category:* ", I could see the policy applied on the server.

    However as I mentioned earlier, these settings do not appear in GPResults, it indeed appears to be a bug which went unnoticed without fix even till today.

    Has this been fixed in Windows Server 2012 ?

    Thanks

     
  • Tuesday, December 04, 2012 5:19 AM
    Moderator
     
     Answered
    Sign In to Vote
    1

    Hi,

    What user account did you use to generate the report of gpresult /h command?

    I edited Advanced audit policy in default domain policy, and used domain admin account to login to the workstation and generate the report.html, and I can see it appears in the report.

    Advanced audit policy is a computer configuration, you need to have admin priveledge to view Computer Configuration settings.

    Regards,
    Cicely

     
  • Tuesday, December 04, 2012 8:23 AM
     
     
    Sign In to Vote
    0

    Hi Cicely,

    Thanks for responding.

    I used my domain account to generate report. My domain account is not part of Domain Admins group however, my account is part of 'Domain\Administrators' and 'Group Policy Creator Owners' groups and I do have rights (Delegated) to edit the Default Domain Policy and Default Domain Controller Policy.

    The server on which report has been generated, I do have local admin rights also.

    I will add my domain account to domain admins group to check the report again.

    I will post back with my findings.

    Thanks again.

     
  • Tuesday, December 04, 2012 9:42 AM
     
     
    Sign In to Vote
    0
    Cicely, you are correct. With appropriate rights I could see those policy being applied in the html report.