Ensure Audit Success and Failure for 'Account Logon: Audit Kerberos Authentication Service'ID: oval:org.secpod.oval:def:14761 | Date: (C)2013-08-13 (M)2022-10-10 |
Class: COMPLIANCE | Family: windows |
This policy setting allows you to audit events generated by Kerberos authentication ticket-granting ticket (TGT) requests.
If you configure this policy setting, an audit event is generated after a Kerberos authentication TGT request. Success audits record successful requests and Failure audits record unsuccessful requests.
If you do not configure this policy setting, no audit event is generated after a Kerberos authentication TGT request.
Volume: High on Kerberos Key Distribution Center servers.
Default on Client editions: No Auditing
Default on Server editions: Success.
Fix:
(1) GPO: Computer Configuration\Windows Settings\Security Settings\Advanced Audit Policy Configuration\System Audit Policies\Account Logon\Kerberos Authentication Service
(2) REG: INFO NOT AVAILABLE
Platform: |
Microsoft Windows 7 |