WinSecWiki > Security Settings > Local Policies > Audit Policy > Object Access > SAM
SAM
This category allows you to track access to objects in the SAM (Security Account Manager) where local users and groups are stored on non-domain controller systems. To configure this on Server 2008 and Vista you must use auditpol. Windows 7 and Server 2008 R2 and later can use Group Policy.
Coverage on events generated by this category are currently in the Security Log Encyclopedia:
Back to top