Auditing RDP Logon Failures
I try to get logon failures reported in case of RDP bruteforcing
- a non domain joined computer is trying to get an rdp connection
- with an AD Account
- to a domain joined computer
On the local computer e got event log IDs with the event 4625
But I cant see anything on my domain controlliers.