In this article:

• Objective

• Prerequisites

• Steps to follow

• Validation and confirmation

• Tips

• Related topics and articles

Objective  

This article explains how to check the audit policy status of machines in a domain using the ADAudit Plus product UI.

Prerequisites  

• Have access to the ADAudit Plus console.

• The service account must have administrative privileges.

• Have WMI and DCOM permissions on the target machines.

• Domain computers must be reachable from the server where ADAudit Plus is installed.

Steps to follow

1. Access the ADAudit Plus web console using an account with appropriate administrative or delegated privileges.

2. Click the Admin tab at the top.

3. Under the Administration section, select Audit Policy Status.

4. From the Domain drop-down list, select the domain you wish to audit.

5. In the Computer section, pick the specific machine (domain controller, member server, or workstation) whose audit policy status you want to view.

6. Click the Generate button.

7. The current audit policy configuration for the selected machine will be displayed.

Validation and confirmation  

• Ensure that required audit policies (such as Audit Logon Events, Audit Directory Service Changes, Audit Object Access, etc.) show as Enabled.

• Confirm that both success and failure auditing is enabled where applicable.

• If policies appear missing or disabled, reconfigure them via a GPO or local security policy and regenerate the report.

Tips

• Regularly review audit policy status for all critical machines to maintain visibility over audit configurations.

• For large environments, consider creating a scheduled task in ADAudit Plus to routinely monitor and alert on audit policy deviations.

• Use the Export options to keep offline records or share audit policy statuses with compliance teams.

Related topics and articles  

• How to enable audit policies via GPO