This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

AD Advanced Audit Configuration

We're consolidating 2 Windows 2012 R2 forests into another 2012 R2 forest and the new audit settings for 2012 R2 are getting in the way. With the introduction of server 2008 we got the new Advanced Audit Configuration (Computer Configuration -> Windows Settings -> Security Settings -> Advanced Audit Policy Configuration -> Audit Policies) which can be configured to override the older category settings. It took a great deal of fine-tuning Advanced Audit Policy settings to get QMM to recognize that auditing was turned in the target. Now I'm struggling to get this to work for the source domains. The QMM documentation does not address the advanced audit policy config, which is something these domains need to have enabled. Despite all settings being enabled for success / fail for account management and DS access, the DSA log stills says auditing needs to be enabled on the source domains. But if we run audit pol or RSOP, the settings are clearly enabled. Has anyone else run into this issue?

Parents
  • In this case, DJ is using the Agentless Dis History option. So that means QMM will be using the same APIs are ADMT. If he was using the built in Sid history/Agent function this would not be an issue.
Reply
  • In this case, DJ is using the Agentless Dis History option. So that means QMM will be using the same APIs are ADMT. If he was using the built in Sid history/Agent function this would not be an issue.
Children
No Data