Account Logon: Audit Credential ValidationID: oval:gov.nist.usgcb.windowsseven:def:100216 | Date: (C)2012-04-13 (M)2022-10-10 |
Class: COMPLIANCE | Family: windows |
This policy setting allows you to audit events generated by validation tests on user account logon credentials.
Events in this subcategory occur only on the computer that is authoritative for those credentials. For domain accounts, the domain controller is authoritative. For local accounts, the local computer is authoritative.
Volume: High on domain controllers.
Default on Client editions: No Auditing.
Default on Server editions: Success.
Fix:
(1) GPO: Computer Configuration\Windows Settings\Security Settings\Advanced Audit Policy Configuration\System Audit Policies\Account Logon\Audit Credential Validation events on failure
(2) REG: INFO NOT AVAILABLE
Platform: |
Microsoft Windows 7 |