Auditing Stand-Alone Servers in a Windows NT Domain (151720)
The information in this article applies to:
- Microsoft Windows NT Workstation 3.5
- Microsoft Windows NT Workstation 3.51
- Microsoft Windows NT Workstation 4.0
- Microsoft Windows NT Server 3.5
- Microsoft Windows NT Server 3.51
- Microsoft Windows NT Server 4.0
This article was previously published under Q151720 SYMPTOMS
The Audit Policy for your domain is set to audit File and Object Access
Success and Failure. You use File Manager to connect to a share on one of
your Windows NT servers. The server is a member of the domain but is not a
domain controller. You highlight a directory, click on Security, Auditing,
select Events to Audit, and Add Users and Groups. Clicking OK returns the
following:
Current audit policy does not have auditing turned on. Ask an
Administrator to use User Manager to turn on auditing.
RESOLUTION
Start User Manager for Domains, click User, Select Domain, and enter the
Server's name instead of a domain name. For instance, if you wish to audit
events on the stand-alone server \\SA_SERVER, type "\\SA_SERVER" (without
the quotes) in the Domain box. User Manager will display accounts database
of \\SA_SERVER. Proceed to set the Audit Policy for \\SA_SERVER.
MORE INFORMATION
Domain audit policies apply to domain controllers. Domain audit policies
will not automatically take effect on stand-alone Windows NT servers even
though such servers may be members of a domain. To establish audit policies
on a stand-alone server, User Manager must be focused on the server, not on
the domain.
| Modification Type: | Major | Last Reviewed: | 5/14/2003 |
|---|
| Keywords: | KB151720 |
|---|
|