Daily Archives: January 27, 2011

%SystemRoot%System32 Secrets: Auditpol

CLIThis command is very useful in case you need to fine-tune audit. For example you cannot set “Audit directory service changes” without setting “Audit directory service replication” using only GUI, because “There is no Windows interface tool available in Windows Server 2008 to view or set audit policy subcategories”. therefore, you need auditpol badly in case you need to set those subcategories. You also need it in order to script changes to or audit of SACL. You need it also to backup or restore those policies quickly (say you need to turn some auditing settings on for some time and turn them off later). You also can fully reset auditing policy.

Wow! While writing the text I become filled with awe. I definitely should have used it more =)

Syntax is quite excessive, so I just show you a very simple example:

image

Have fun! =)