Computer Configuration changes in Local Security Policy have no effect RRS feed

  • Question

  • I enabled Audit Object Access: Failure auditing in Local Security Policy -> Local Policies -> Audit Policy.  I enabled auditing for a folder, rebooted the computer, and tried to test it with a user account that doesn't have access.  No audit failure logs were generated.

    I checked RSoP, and it shows the Audit Object Access setting as Not Defined, with no source GPO.  I checked Gpresult, it also had no Audit Policy settings applied.  I open up Local Computer Policy\Computer Configuration\Windows Settings\Security Settings\Local Policies\Audit Policy, and the setting is enabled for Failure.  I check RSoP again, and it indicates that anything set under Local Computer Policy\Computer Configuration is being ignored.  If it's not configured in the Default Domain Policy, it's showing up as Not Defined.  Settings made under User Configuration are applying correctly, however.

    I know that Local GPOs will get overwritten by any domain GPO, but there's nothing overwriting it.  In this case, Local GPO User Configuration settings are being applied, but Computer Configuration settings are being ignored.  /boggle

    This is running Vista Ultimate SP1 as part of a domain.
    Wednesday, March 3, 2010 5:18 AM