Enable Administrator Audit Logging


Applies to: Exchange Server 2010 SP2, Exchange Server 2010 SP3

Use this topic to enable administrator audit logging if it's disabled. Administrator audit logging in Microsoft Exchange Server 2010 enables you to create a log entry each time a specified cmdlet is run. For more information about administrator audit logging, see Overview of Administrator Audit Logging.


Administrator audit logging relies on Active Directory replication to replicate the configuration settings you specify to the domain controllers in your organization. Depending on your replication settings, the changes you make may not be immediately applied to all Exchange 2010 servers in your organization.
Changes to the audit log configuration are refreshed every 60 minutes on computers that have the Shell open at the time a configuration change is made. If you want to apply the changes immediately, close and then open the Shell again on each computer.


You must specify the cmdlets and parameters you want to audit, and you must also specify the destination audit logging mailbox before you enable administrator audit logging. For more information about how to configure administrator audit logging, see Configure Administrator Audit Logging.

Use the Shell to enable administrator audit logging

You need to be assigned permissions before you can perform this procedure. To see what permissions you need, see the "Administrator audit logging" entry in the Exchange and Shell Infrastructure Permissions topic.

To enable administrator audit logging, use the following command:

Set-AdminAuditLogConfig -AdminAuditLogEnabled $True

Other Tasks

After you enable administrator audit logging, you may also want to:

 © 2010 Microsoft Corporation. All rights reserved.