Disable logon and logoff events (event id 4624, 4625, 4634 (and all the other ones...))
I have tried several times to make my domain controller not log logon and logoff events in the security log. But it seems to ignore the settings in the domain controller group policy. I now use Auditpol in stead - that works (thanks Morgan J):
To disable all logon and logoff messages in the security log use (in an elevated command prompt):
auditpol /set /category:"Logon/Logoff" /success:disable
&
auditpol /set /category:"Logon/Logoff" /failure:disable
It is also possible to just disable the logon messages by using the subcategory switch:
auditpol /set /subcategory:"Logon" /success:disable
&
auditpol /set /subcategory:"Logon" /failure:disable
To view the current settings, run:
auditpol /get /category:*
To disable all logon and logoff messages in the security log use (in an elevated command prompt):
auditpol /set /category:"Logon/Logoff" /success:disable
&
auditpol /set /category:"Logon/Logoff" /failure:disable
It is also possible to just disable the logon messages by using the subcategory switch:
auditpol /set /subcategory:"Logon" /success:disable
&
auditpol /set /subcategory:"Logon" /failure:disable
To view the current settings, run:
auditpol /get /category:*
Kommentarer
Send en kommentar