Re: No security logs on NT Server?

Mitchell B. Wagers ( (no email) )
Fri, 06 Mar 1998 12:25:58 -0800

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Previous message: Kurt Schafer: "Max4000's and V.90"
Next message: Kurt Schafer: "Max4000's and V.90"

Common misconception here...This is fully explained in the NT
Administration manuals. Security logs are kept by the PDC on a domain
network as long as the resources are authenticated via the domain, which
means the PDC MUST grant the user access. However, local accounts (such as
WWW clients) will be logged on the local machine IF those options are in
effect. You need to understand NT Domains before you can work with them! If
your PDC is logging security, then you have those options set in Audit
properties for that domain, which is probably yourcompany.com. But, if you
aren't getting local security logs, then you don't have those options set
in the Audit properties for MACHINENAME, which is dealt with as an entirely
separate domain, handled locally by the machine that runs the service.

Mitch Wagers
Network Operations Manager
OCS Software, Inc.

At 02:34 PM 3/6/98 -0500, you wrote:
>
>
>>Does anyone know why an NT Server (4.0 SP3...) would not be logging
>>anything in the Security area of the Event Viewer? Ever since I setup
>this
>>machine, it logs Application and System but not Security. This machine
>is
>>not a PDC or BDC, but is a member of another NT domain.
>
>
>We have a machine like that at work; I believe that so long as no users
>are needing to log into any services thru the NT SAM on that machine,
>you won't see much in the way of a security log.
>What services are you running on that machine?
>
>Sam
>
>
> ----------------------------------------------------------
> NTISP Mailing List listserver@emerald.iea.com
>
>

Previous message: Kurt Schafer: "Max4000's and V.90"
Next message: Kurt Schafer: "Max4000's and V.90"