I also set up Audit Policies for each of the computer account types. The fix was easy, but I thought I would share for others who might run into the same issue.įirst, I set a group policy to configure appropriately sized logs and retention policies on domain controllers (Default Domain Policy), Servers, and Workstations respectively. Hard drives – physical and virtual – began to fill up, taking down critical services. But, the setting to archive event logs on each server and workstation in the domain persisted. The need for the policy abated, then the policy was removed. I ran into an environment today where a group policy object (GPO) was configured at the domain level that set security logs to be archived to the C: drive when full.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |