Hello Siba,
Thank you for posting in Q&A forum.
Did you set gpedit.msc on one domain member server or Domain Controller or one domain client machine?
There are two locations we can configure the audit policies:
Security Settings\Local Policies\Audit Policy
Security Settings\Advanced Audit Policy Configuration\System Audit Policies
Once we used the Advanced audit policy in the system, the legacy audit policy will not be used by this system.
Generally, we can check if the GPOs are applied via the gpresult /h. But it is not suitable and accurate to check the audit policies. We check the audit policies applying result via the auditpol command:
auditpol /get /category:* >c:\filename.txt
If this command results in any audit policies, the advanced audit policy settings are configured.
Please check if you have configured Computer Configuration\Policies\Windows Settings\Security Settings\Advanced Audit Policy Configuration\Audit Policies\Account Logon\Audit Credential Validation=> Success=enabled via Domain GPO and apply it to the same machine.
If no any domain GPO with such setting applies to this machine, it will apply the default setting within Default Domain Policy below.
Default values on Client editions:
Credential Validation: No Auditing
Default values on Server editions:
Credential Validation: Success
I hope the information above is helpful.
If you have any questions or concerns, please feel free to let us know.
Best Regards,
Daisy Zhou
============================================
If the Answer is helpful, please click "Accept Answer" and upvote it.