Auditpol Set Command In Windows Server 2008
In this article I am going to explain about Auditpol Set command in Windows Server 2008 operating system and also explain it's related syntax.
Introduction
Auditpol set is sub command of auditpol command. Retrieve a list of all the settings (which includes system policy, per-user policy, auditing options and audit security descriptor ) for the audit categories and subcategories object. It is act of creating new entry for the system or a particular user. Basic syntax for using this sub command is given below.
Syntax
Auditpol /set
[/user[:<username>|<{sid}>][/include][/exclude]]
[/category:<name>|<{guid}>[,:<name|<{guid}>…]]
[/success:<enable>|<disable>][/failure:<enable>|<disable>]
[/subcategory:<name>|<{guid}>[,:<name|<{guid}>…]]
[/success:<enable>|<disable>][/failure:<enable>|<disable>]
[/option:<option name> /value: <enable>|<disable>]
|
Parameter List
Parameter |
Description |
/user |
Security principal for whom the per-user audit policy is queried. |
/include |
Indicates that the user's per-user policy will cause an audit to be generated even if it is not specified by the system audit policy. |
/exclude |
Indicates that the user's per-user policy will cause an audit to be removed. |
/category |
Audit categories specified by GUID or name. |
/subcategory |
One or more audit subcategories specified by GUID or name. |
/success |
Denotes success auditing. |
/failure |
Specifies failure auditing. |
/option |
Sets the audit policy for the CrashOnAuditFail, FullPrivilegeAuditing, AuditBaseObjects, or AuditBaseDirectories options. |
/sd |
Sets the security descriptor used to delegate access to the audit policy. |
Got a programming related question? You may want to post your question here