Setting Up CA Auditing
Applies To: Windows Server 2003 with SP1
CA auditing depends on system object access auditing to be enabled. Therefore, to set up CA auditing for a system, a system administrator will have to
Enable Object Access Auditing on the system.
Enable auditing for the CA by selecting which group of events to audit in the MMC snap-in.
The following sections describe these steps in detail.
Enabling Object Access Auditing
When the CA Is on a Domain Controller
To enable object access auditing when the CA is on a Domain Controller (DC)
Select Start > Programs > Administrative Tools > Domain Controller Security Policy.
Expand Default Domain Controllers Security.
Expand Computer Configuration.
Expand Windows Settings.
Expand Security Settings.
Expand Local Policies.
Select Audit Policy.
Right-click Audit object access and select Properties.
Check Define these policy settings.
Check Success and Failure under Audit these attempts.
Click OK.
When the CA Is on a Member or a Workgroup Server
To enable object access auditing when the CA is on a member or a workgroup server
Select Start > Programs > Administrative Tools > Local Security Policy.
Expand Local Policies.
Select Audit Policy.
Right-click Audit object access and select Properties.
Check Success and Failure under Audit these attempts.
Click OK.
Enabling Auditing on the CA
To enable auditing of the CA
Open the MMC snap-in.
Right-click the CA and select Properties.
Click the Audit tab.
Check which groups of CA operations to audit.
Click OK.