WinSecWiki
Windows Security Settings
Articles
WinSecWiki
»
Windows Security Settings
»
Local Policies
»
Security Options
»
Audit: Force audit policy subcategory settings (Windows Vista or...
Audit: Force audit policy subcategory settings (Windows Vista or...
Audit: Force audit policy subcategory settings (Windows Vista or later) to override audit policy category settings
By default, if you define a value for a policy in one of the top-level categories—either in the computer's Local Security Policy or in an applicable GPO—then that top-level policy will usually override any configurations that you make at the subcategory level with the
auditpol
command.
Under Windows’ default behavior, subcategory policies take effect only when you leave the related top-level category undefined in the Local Security Policy and in all applicable GPOs. If a category policy is defined, then all subcategory policies under that policy will be defined.
I stress usually and default behavior because this new Group Policy Object setting "Audit: Force audit policy subcategory settings (Windows Vista or later) to override audit policy category settings" reverses that behavior. If you enable this setting, then your subcategory configurations will override how the applied Group Policy sets the top-level policies.
To configure audit policy at the subcategory level see the
auditpol
command.
Add Your Comments
Name:
*
Email Address:
Web Address:
Verification Code:
*
Details
Applies To:
Vista, Windows Server 2008
Rated 5 stars based on 1 vote.
Article has been viewed 9,188 times.
Options
Bookmark Article
Social Bookmarks
Comments RSS
Upcoming Webinars
Cutting through the Hype: What is Big Data Security Analytics?
Top 6 Security Events to Monitor in SQL Server
Top 10 Security Events to Monitor in SharePoint
Additional Resources
Security Log Quick Reference Chart
Learn about the SharePoint Audit Log
Patch Tuesday Analysis
User name:
Password:
/
Forgot?
Register
Home