none
Auditing in Active Directory Federation Services

    Question

  • Hi,

    I have Configured Active Directory Federation Service on Win2k8.
    I have configred Auditing the using follwoing instructions:
    1. Click Start, point to Administrative Tools, and then click Local Security Policy.
    2. Double-click Local Policies, and then click Audit Policy.
    3. In the details pane, double-click Audit object access.
    4. On the Audit object access Properties page, select either Success or Failure, or both, and then click OK.
    5. Close the Local Security Settings snap-in.
    6. At a command prompt, type gpupdate /force, and then press ENTER to immediately refresh the local policy.
    7. Repeat these steps on each of the federation servers in the partnership.
    8. Enable event logging for the federation server. Click Start, point to Administrative Tools, and then click Active Directory Federation Services.
    9. Right-click the Trust Policy node, and then click Properties.
    10. Scroll to the Event Log tab.
    11. Under Event log level, click to select and deselect the specific type of application event logs that you want to record, and then click OK.

    But when perform action such as Creating a Account Partner or Resource partner.
    My Question where does these events gets logged. Is it in Security log or Application  ?

    Monday, September 07, 2009 9:53 AM

All replies

  • Hello,

        Based on the search I have found this see if it helps

    You must turn on audit object access at each of the federation servers, for ADFS-related audits to appear in the Security log. This will allow the Federation Service to log either success or failure errors. For more information about how to turn on audit object access, see Audit object access ( http://go.microsoft.com/fwlink/?LinkId=62686).


    http://technetfaqs.wordpress.com
    Monday, September 07, 2009 10:49 AM
  • Hi,

     I have Already enabled it. but I could not find them.
    In security log, what is source name , is it Microsoft Windows Security auditing ?
    What is Task Category name, through which I can verify events are getting logged  or not ?
    Tuesday, September 08, 2009 4:49 AM