Default Domain Policy vs. Default Domain Controller Policy

Discussion in 'MCSA' started by Tyler Cobb, Sep 28, 2005.

  1. Tyler Cobb

    Tyler Cobb Guest

    I'm reading along in the 70-290 book and there's an exercise that tells me
    to enable the Audit Accounts Logon Events and the Audit Logon Events
    policies in the Default Domain Controller Policy area. After that, they
    wanted me to try to log in with the wrong password on an account and then to
    come back on as Administrator and check out the Security Log in Event
    Viewer. I did all this but I noticed that it does not record any invalid
    logon attempts. It did, however, show the successful ones. I have verified
    that the policies are configured to audit both successes and failures.

    Out of curiousity, I went into the Default Domain Policy and enabled the
    same audit policies in there. When I viewed the Security Logs, I could see
    invalid logon attempts. Could the book be wrong or is there something I'm
    not understanding in a real scenario? I just have one computer setup with
    Windows Server 2003 for lab exercises. I was trying to generate invalid
    logins from the console. It's not networked to anything at the moment. Would
    it have worked if it were not a PDC on a one-computer network? Would it have
    been different if I tried to logon from a workstation?

    That brings me to another question if anyone has the time. I noticed that
    there seems to be an excessive pause when making some choices in Active
    Directory. I'm assuming the computer is trying to talk to something on the
    network that isn't there and timing out. Any idea what would be causing
    this?

    Thanks!
     
    Tyler Cobb, Sep 28, 2005
    #1
    1. Advertising

  2. Tyler Cobb

    dawnad Guest

    I've not tried that excercise but one thing i do know is that group policies
    take a configurable amount of time to take effect. pherhaps using the command
    "gpupdate" which forces the policy to update immediately will help you.
     
    dawnad, Oct 9, 2005
    #2
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. FESWANY
    Replies:
    3
    Views:
    2,338
  2. =?Utf-8?B?UmVic3U=?=
    Replies:
    11
    Views:
    13,976
    Guest
    Jun 11, 2005
  3. Tyler Cobb
    Replies:
    6
    Views:
    18,632
    Tyler Cobb
    Oct 19, 2005
  4. Limited Wisdom
    Replies:
    7
    Views:
    788
    Jonathan Roberts
    Sep 13, 2006
  5. Abaaseen
    Replies:
    9
    Views:
    1,011
    Kline Sphere
    Jan 19, 2009
Loading...

Share This Page