Error DataBase-One Place all Solutions Forums Blog Glossary    Contact Us
Search  
   
Browse by Category
Error DataBase-One Place all Solutions
 Business Desktop Deployment (BDD) 2007
 Citrix
 DataBase
 Drivers
 Microsoft Exchange Server
 Mobile Junction
 Operating Systems
 Solaris Opearting System (OS)
 Windows Operating Systems
 MS DOS
 Windows 2000
 Windows 2003
 Windows Scripts and Batch Files
 Windows Server 2008
 Windows VISTA
 Windows XP
 Technical vocabulary
 Virtualization
 WebMaster
Error DataBase-One Place all Solutions .: Operating Systems .: Windows Operating Systems .: Windows 2000 .: How To Monitor for Unauthorized User Access in Windows 2000

How To Monitor for Unauthorized User Access in Windows 2000

SUMMARY

This article describes how to monitor your system for unauthorized user access. There are two main steps: Enabling security auditing and viewing the security logs. Note that different systems have different security needs, and the security topic is complex. Any user who sets up security audits on your system must be assigned to administrative groups or be given security rights and privileges.

How to Enable Security Auditing

You set up security auditing differently depending on whether the computer is a standalone computer or a domain controller.

Standalone Servers, Member Servers, or Windows 2000 Professional

1. Click Start, click Run, type mmc /a, and then click OK.
2. On the Console menu, click Add/Remove Snap-in, and then click Add.
3. Under Snap-in, click Group Policy, and then click Add.
4. In the Select Group Policy Object box, click Local Computer, click Finish, click Close, and then click OK.
5. In the Local Computer Policy box, click Computer Configuration, click Windows Settings, click Security Settings, click Local Policies, and then click Audit Policy.
6. In the details pane, click Audit logon events.
7. Click Action, click Security, select Unsuccessful logon attempts, and then click OK.

Windows 2000-Based Domain Controllers

1. Click Start, point to Programs, point to Administrative Tools, and then click Active Directory Users and Computers
2. In the console tree, click Domain Controllers.
3. Click Action, and then click Properties.
4. Click the Group Policy tab, click Default Domain Controllers Policy, and then click Edit.
5. Click to expand Computer Configuration, Windows Settings, Security Settings, Local Policies, and then Audit Policy.
6. In the details pane, click Audit logon events.
7. On the Action menu, click Security, click to select the Define these policy settings check box, click to select the Failure check box, and then click OK.

 

How to View Security Logs

1. Click Start, point to Programs, point to Administrative tools, and then click Event viewer.
2. In the console tree, click Security log.
3. Look in the details pane for information about the event you want to view, and then double-click the event.

Article 1152
Created 2-18-2008
Author Lucki
Rating (None)

How helpful was this article to you?

Related Articles

article How To Create and Configure Performance Monitor Alerts in Windows 2000
SUMMARY WARNING: If you use Registry...
(No rating)  2-18-2008    Views: 297   
article How To Configure User and Group Access on an Intranet in Windows Server 2003
SUMMARY This article describes how to...
(No rating)  5-16-2008    Views: 124   
article How to Configure User and Group Access on an Intranet in Windows Server 2003
This article describes how to configure...
(No rating)  6-3-2008    Views: 84   

User Comments

Add Comment
No comments have been posted.