G
Guest
Guest
Archived from groups: microsoft.public.win2000.security (More info?)
Is there a way within Windows 2000 Server to only audit user logon and
logoff events? I turned on this auditing feature on the Domain Controller,
but I keep getting useless audit information from the SYSTEM and
ComputerName$ accounts. Then I get a 100 different 528, 538, and 540 events
from every single user during the course of one day, and this just increases
the event log file tremendously. I just want to log when a user logs in and
logs off. Can this be done without logging the other stuff?
thanks
Is there a way within Windows 2000 Server to only audit user logon and
logoff events? I turned on this auditing feature on the Domain Controller,
but I keep getting useless audit information from the SYSTEM and
ComputerName$ accounts. Then I get a 100 different 528, 538, and 540 events
from every single user during the course of one day, and this just increases
the event log file tremendously. I just want to log when a user logs in and
logs off. Can this be done without logging the other stuff?
thanks