You can set the audit policy as follows.

=====
1. “Start -> Run”.
2. Type ‘gpedit.msc’ (without the quotes).
3. Navigate to “Local Computer Policy -> Computer Configuration -> Windows Settings -> Security Settings -> Local Policies -> Audit Policies -> Audit logon events”.
4. Highlight and right-click and select properties.
5. Configure as desired.
=====

Note: Logging in without a password counts as a “failure”. This results in the security log filling up very fast if you log failures and have a user without a password. The result is you cannot login normally. Also note, not having a password is a potential and probable security risk.

The event log can be viewed by going to
—–
1. “Start -> Control Panel ->  Performance and Maintenance -> Administrative Tools”.
2. Click on “Event Viewer”.
3. Look in the Event Log (Security) for a Logon/Logoff Event 528. It should have a Logon Type 10.
—–

Post Views: 24

Leave a Reply

This website stores cookies on your computer. These cookies are used to provide a more personalized experience and to track your whereabouts around our website in compliance with the European General Data Protection Regulation. If you decide to to opt-out of any future tracking, a cookie will be setup in your browser to remember this choice for one year.

Accept or Deny