How to Activate Security Event Logging in Windows NT 4.0

Article translations Article translations
Article ID: 157238 - View products that this article applies to.
This article was previously published under Q157238
This article has been archived. It is offered "as is" and will no longer be updated.
Expand all | Collapse all

SUMMARY

This article describes how to activate security event logging in Windows NT 4.0.

MORE INFORMATION

To activate security event logging, follow these steps:
  1. Log on as the administrator of the local workstation.
  2. Click the Start button, point to Programs, point to Administrative Tools, and then click User Manager.
  3. On the Policies menu, click Audit.
  4. Click the Audit These Events option.
  5. Enable the options you want to use. The following options are available:
    • Logon/Logoff: Logs both local and remote resource logins.
    • File And Object Access: File, directory, and printer access.

      Note: Files and folders must reside on an NTFS partition for security logging to be enabled. Once the auditing of file and object access has been enabled, use Windows NT Explorer to select auditing for individual files and folders.
    • Use Of User Rights: Access to anything requiring user rights.
    • User And Group Management: Any user accounts or groups created, changed, or deleted. Any user accounts that are renamed, disabled, or enabled. Any passwords set or changed.
    • Security Policy Changes: Any changes to user rights or audit policies.
    • Restart, Shutdown, And System: Logs shutdowns and restarts for the local workstation.
    • Process Tracking: Tracks program activation, handle duplication, indirect object access, and process exit.
  6. Click the Success check box to enable logging for successful operations, and the Failure check box to enable logging for unsuccessful operations.
  7. Click OK.

Properties

Article ID: 157238 - Last Review: October 1, 2013 - Revision: 1.1
APPLIES TO
  • Microsoft Windows NT Server 4.0 Standard Edition
  • Microsoft Windows NT Workstation 4.0 Developer Edition
Keywords: 
kbnosurvey kbarchive kbhowto KB157238

Give Feedback

 

Contact us for more help

Contact us for more help
Connect with Answer Desk for expert help.
Get more support from smallbusiness.support.microsoft.com