Logging of token-related administration can be enabled by creating a new DWORD registry value under the key below:
x64:
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\PassGo Technologies\Defender\Defender AD MMC
x86:
HKEY_LOCAL_MACHINE\SOFTWARE\PassGo Technologies\Defender\Defender AD MMC
Create a new DWORD named LoggingEnabled and set its value to 1.
The next time Active Directory Users & Computers (ADUC) is opened, token administration information will be written to the Defender event log, which can be viewed in the Windows Event Viewer under 'Applications and Services Logs'.
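One way to script the registry change described above, as an added PowerShell example that is not part of the original article. It assumes an elevated session on the machine where the Defender ADUC extension runs; creating the key when it is missing is this example's own choice.

```powershell
#Requires -RunAsAdministrator
# Added example: enable Defender token-administration logging.
# The key paths and the LoggingEnabled value name are the ones given in the article.

$subKey = 'PassGo Technologies\Defender\Defender AD MMC'

# Pick the key by OS architecture, as the article does (x64 uses Wow6432Node).
$keyPath = if ([Environment]::Is64BitOperatingSystem) {
    "HKLM:\SOFTWARE\Wow6432Node\$subKey"
} else {
    "HKLM:\SOFTWARE\$subKey"
}

# Assumption of this example: create the key if it does not exist yet,
# and warn, since a missing key may mean the console is not installed here.
if (-not (Test-Path -Path $keyPath)) {
    Write-Warning "Key not found, creating it: $keyPath"
    New-Item -Path $keyPath -Force | Out-Null
}

# Create or overwrite the DWORD value and set it to 1.
New-ItemProperty -Path $keyPath -Name 'LoggingEnabled' `
    -PropertyType DWord -Value 1 -Force | Out-Null

# Read the value back and confirm both its data and its registry type.
$value = (Get-ItemProperty -Path $keyPath -Name 'LoggingEnabled').LoggingEnabled
$kind  = (Get-Item -Path $keyPath).GetValueKind('LoggingEnabled')

if ($value -ne 1 -or $kind -ne 'DWord') {
    throw "LoggingEnabled is not a DWORD set to 1 (value=$value, type=$kind)."
}

Write-Output "LoggingEnabled = $value ($kind) under $keyPath"
Write-Output 'Close and reopen ADUC for the setting to take effect.'
```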
The events are listed in the Defender Administrator Guide – Appendix E, section “Administrator Console messages”.