Auditing Stand-Alone Servers in a Windows NT Domain

• Microsoft Windows NT Workstation versions 3.5 and 3.51
• Microsoft Windows NT Server versions 3.5 and 3.51

PROBLEM

The Audit Policy for your domain is set to audit File and Object Access Success and Failure. You use File Manager to connect to a share on one of your Windows NT servers. The server is a member of the domain but is not a domain controller. You highlight a directory, click on Security, Auditing, select Events to Audit, and Add Users and Groups. Clicking OK returns the following:

   Current audit policy does not have auditing turned on. Ask an
   Administrator to use User Manager to turn on auditing.

RESOLUTION

Start User Manager for Domains, click User, Select Domain, and enter the Server's name instead of a domain name. For instance, if you wish to audit events on the stand-alone server \\SA_SERVER, type "\\SA_SERVER" (without the quotes) in the Domain box. User Manager will display accounts database of \\SA_SERVER. Proceed to set the Audit Policy for \\SA_SERVER.

MORE INFORMATION

Domain audit policies apply to domain controllers. Domain audit policies will not automatically take effect on stand-alone Windows NT servers even though such servers may be members of a domain. To establish audit policies on a stand-alone server, User Manager must be focused on the server, not on the domain.