audit policy is special. Local Security Policy may not be accurate to see the 'effective' policy.
instead, try:
auditpol /get /category:*
https://support.microsoft.com/en-us/topic/2f6a528c-9ef5-8ab5-e3ca-f7856f5bf5fc
Local policy not reflecting applied GPO
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(128, 4%, 22%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EY%3C/text%3E%3C/svg%3E)
YaroC
321
Reputation points
I run gpresult to make sure the right GPO is the winning one and compared some audit related settings to what the GPO has set. For some reason I see that lots of GPO flags are not reflected in local policy. E.g. Object Access if said to Failed in the GPO yet checking in local policy it's has No Auditing set. Same goes for various Advanced audit configurations. What could be causing such deviation and how can this be fixed?
Windows for business | Windows Client for IT Pros | User experience | Other
Answer accepted by question author
-
DonPick 1,266 Reputation points2021-08-24T11:07:32.417+00:00
2 additional answers
Sort by: Most helpful
-
YaroC 321 Reputation points
2021-08-24T11:54:40.547+00:00 Indeed auditpol shows all the flags set as expected whereas gpedit doesn't which is a bit of a shame.
-
Limitless Technology 40,101 Reputation points2021-08-24T10:05:51.187+00:00 Hello,
Thank you for your question.
I would like to suggest you open run as Admin from cmd and you will see all gpo being applied and gpo name which override aswell.
C:> gpresult /h c:\temp\gpresult.html
If the reply was helpful, please don’t forget to upvote or accept as answer.
Thanks,
PRAKASH T