Tuesday, May 8, 2012

How to enable Certification Authority Auditing on Windows Server

By default, the Auditing function is not enabled on the CA server. After the auditing is enabled, all the events will be logged in the "Security log". To enable the auditing, I need to modify the following settings.

1. On the CA server, log in as Administrator.
2. Launch "Certification Authority".
3. Right-click the name of the CA, select "Properties".
4. Select "Auditing" tab.
5. Check the events which you want to audit.

6. Click "OK".
7. Launch "Local Group Policy Editor".
8. Expand "Computer Configuration > Windows Settings > Security Settings > Local Policies > Audit Policy".
9. Double-click "Audit object access".
10. Check "Success" and "Failure".

11. Click "OK".

12. Close "Local Group Policy Editor".

Remark: If your CA server is a member server of the domain, you can configure the Domain Group Policy.

13. Restart "Active Directory Certificate Services".

As a result, the auditing has been enabled on the CA server.

Configure CA Event Auditing

CA Auditing

This posting is provided “AS IS” with no warranties, and confers no rights!

No comments:

Post a Comment