We at ManageEngine always suggest that you track Active Directory and file changes with advanced auditing in lieu of the traditional audit policy settings. There’s a catch, though: how do you verify that your settings are in place? If you’ve been following our blogs for a while, you know that we truly rely on secpol.msc for most settings that are deployed in the Security Settings area of a GPO. However, that fails with advanced audit policy reporting!
So, what are you to do?
For some odd reason, secpols.msc fails to report on the advanced audit policy configurations. We could call up Microsoft and ask, but in cases like this, it is just not worth the effort.
Rsop.msc is another option, but unfortunately, the results from rsop.msc don’t even show the advanced audit policies!
We can then go back to the roots of advanced audit policy, which is the command line option. If you were to run the following command from the computer where you are verifying the current settings, it would show you the full listing of all advanced audit policy settings and subcategories:
Auditpol /get /category:*
Figure 1 illustrates what that looks like in my domain.
Figure 1. The auditpol command can show the actual advanced audit policy configurations on a computer.
Now that you can verify what you are auditing, I highly suggest that you verify all of your computer settings for the advanced audit policy configurations. If you don’t verify, there is no way to know with certainty that your computers are configured properly.
How to get back my data I have the unlimited data and o just paid it on the 28th of February
Hi Jessica. Please contact support for assistance: https://www.manageengine.com/support.html.