Audit Directory Service Access

Applies To: Windows 7, Windows Server 2008 R2

This security policy setting determines whether the operating system generates events when an Active Directory Domain Services (AD DS) object is accessed.


Audit events will only be generated on objects with configured system access control lists (SACLs), and only when they are accessed in a manner that matches the SACL settings.

These events are similar to the Directory Service Access events in previous versions of Windows Server operating systems.

Event volume: High on servers running AD DS role services; none on client computers

Default: Not configured

If this policy setting is configured, the following event is generated. The event appears on computers running Windows Server 2008 R2 or Windows Server 2008.

Event ID Event message


An operation was performed on an object.