Audit Clients
All RPC-based servers are potential audit clients; DCE servers and user-written application servers. The DCE Security Service and the Distributed Time Service are auditable. That is, code points (discussed in the next topic) are already in place in these services.
The audit daemon can also audit itself.
Audit clients should have the log permission to the audit daemon object to be able to use the central audit trail file. Permissions to the audit daemon are discussed in DCE Audit Service Administrative Tasks.