Click here to shrink
Click here to expand Click here to expand

Configure audit policies - Manual configuration

Audit policies must be configured to log events whenever any activity occurs.

For module logging

  1. Log in to any computer that has the Group Policy Management Console (GPMC) with domain admin credentials. 
  2. Open the GPMC and, based on your setup, edit the:
    • Default Domain Controllers Policy to enable module logging on a DC.
    • ADAuditPlusMSPolicy to enable module logging on a Windows server.
  3. In the Group Policy Management Editor, go to Computer Configuration > Policies > Administrative Templates > Windows Components > Windows Powershell. Navigate to the right pane, and right-click on Turn on Module Logging > Enabled.
  4. In the Options pane, click on Show. In the Module Names window, enter * to record all modules, and press OK.

Configure audit policies in your domain in ADAudit Plus

For script block logging

  1. Log in to any computer that has the GPMC with domain admin credentials. 
  2. Open the GPMC and, based on your setup, edit the:
    • Default Domain Controllers Policy to enable module logging on a DC.
    • ADAuditPlusMSPolicy to enable module logging on a Windows server.
  3. In the Group Policy Management Editor, go to Computer Configuration > Policies > Administrative Templates > Windows Components > Windows Powershell. Navigate to the right pane, and right-click on Turn on PowerShell Script Block Logging > Enabled.

Configure audit policies in your domain in ADAudit Plus

Don't see what you're looking for?

  •  

    Visit our community

    Post your questions in the forum.

     
  •  

    Request additional resources

    Send us your requirements.

     
  •  

    Need implementation assistance?

    Try OnboardPro

     

On this page

Copyright © 2020, ZOHO Corp. All Rights Reserved.

Get download link