Email this to a friend
 
posted on January 1st 1970, at 01:00
by lunarg
By default, audit of success and failure is enabled on Network Policy Server. This will log authentication attempts in the Security event log (filter on event IDs 6272 and 6273). If for some reason, it is not enabled, you can manually enable it via command-line (or Powershell).To view the current audit policy settings, run:

auditpol /get /subcategory:"Network Policy Server"

If it says No auditing, you can enable it by running:

auditpol /set /subcategory:"Network Policy Server" /success:enable /failure:enable

Note that a group policy can override this behaviour. Settings in GPO are located here: Computer Configuration → Policies → Windows Settings → Secu  ...

Send a link to this post to yourself or a friend.

Send to e-mail:
Your name:
Your e-mail:
Captcha:
Type the letters and numbers as shown.
/get/captcha/1721898615
Not readable? Get another.
 
Information entered is solely used for sending a one-time e-mail, and is not retained and/or passed on to a third party.
 
 
 
 
« July 2024»
SunMonTueWedThuFriSat
 123456
78910111213
14151617181920
21222324252627
28293031   
 
Links
 
Quote
« You only find out who is swimming naked when the tide goes out. »
Warren Buffett