Audit Policy: Account Logon: Kerberos Authentication Service (Failure)ID: oval:org.secpod.oval:def:18765 | Date: (C)2014-05-29 (M)2021-06-02 |
Class: COMPLIANCE | Family: windows |
Auditing of Account Logon: Kerberos Authentication Service events on failure should be enabled or disabled as appropriate.
This security policy setting allows you to generate audit events for Kerberos authentication ticket-granting ticket (TGT) requests. If you configure this policy setting, an audit event is generated after a Kerberos authentication TGT request. Success audits record successful attempts and Failure audits record unsuccessful attempts.
Fix:
(1) GPO: Commandline: auditpol.exe
(2) REG: NO INFO
Platform: |
Microsoft Windows Server 2008 R2 |