+ Post New Thread
Results 1 to 3 of 3
Windows Server 2000/2003 Thread, RM CC3 domain controller group policy option question in Technical; Our CC3 domain controllers have a policy whereby they only log security failure audit events, and not successes... this is ...
  1. #1

    Oaktech's Avatar
    Join Date
    Jul 2011
    Location
    Bournemouth
    Posts
    3,217
    Thank Post
    943
    Thanked 645 Times in 504 Posts
    Rep Power
    288

    RM CC3 domain controller group policy option question

    Our CC3 domain controllers have a policy whereby they only log security failure audit events, and not successes... this is becoming an issue as our Palo Alto reads these logs looking for events 672, 673 and 675 to determine who is logged into a machine.

    If I change the group policy to log success audit is the RM world going implode?

    We've ended our support contract with RM now as we are going to be migrating in the summer away from RM, so I can't ask them!

    'Elp.

  2. #2

    AngryTechnician's Avatar
    Join Date
    Oct 2008
    Posts
    3,730
    Thank Post
    698
    Thanked 1,214 Times in 761 Posts
    Rep Power
    395
    It should not cause any major issues with CC3. Your main concern will be log size, and therefore retention period. You will typically have at least 1 order of magnitude more success audits than failure audits, so you will reach the maximum log size much more quickly once they enabled, leading to a much shorter log retention period (unless you increase the maximum log size).

  3. #3

    Oaktech's Avatar
    Join Date
    Jul 2011
    Location
    Bournemouth
    Posts
    3,217
    Thank Post
    943
    Thanked 645 Times in 504 Posts
    Rep Power
    288
    Thanks for that. I've taken the plunge and we'll see what happens tomorrow...



SHARE:
+ Post New Thread

Similar Threads

  1. RM CC3 Domain Controller Remote Desktop problem - CTS-SR-001
    By apur32 in forum Windows Server 2000/2003
    Replies: 7
    Last Post: 26th May 2012, 02:12 PM
  2. Domain Group Policy Questions
    By M0MST in forum Windows Server 2008
    Replies: 4
    Last Post: 4th November 2010, 11:02 AM
  3. Domain Controller Security Policy error
    By bertster in forum Windows
    Replies: 0
    Last Post: 15th September 2009, 12:41 PM
  4. Disable the autocorrect options in group policy
    By Liam in forum How do you do....it?
    Replies: 2
    Last Post: 24th October 2007, 01:49 PM
  5. Replies: 16
    Last Post: 9th March 2007, 04:03 PM

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •