Audit Policy: DS Access: Directory Service ChangesID: oval:org.secpod.oval:def:19042 | Date: (C)2014-05-29 (M)2021-06-02 |
Class: COMPLIANCE | Family: windows |
Auditing of DS Access: Directory Service Changes events on failure should be enabled or disabled as appropriate.
Audit Directory Service Changes, which determines whether the operating system generates audit events when changes are made to objects in Active Directory Domain Services (AD DS). The types of changes that are reported are: * Create * Delete * Modify * Move * Undelete. Directory Service Changes auditing, where appropriate, indicates the old and new values of the changed properties of the objects that were changed. This subcategory only logs events on domain controllers. Changes to Active Directory objects are important events to track in order to understand the state of the network policy.
Fix:
(1) GPO: Commandline: auditpol.exe
(2) REG: NO INFO
Platform: |
Microsoft Windows Server 2008 R2 |