Not Understanding Audit Policy with SCM 8.1 Baseline

Similar Messages

• Completely not understanding photo sync with itunes .. please help!

  With my old iphones, when i plugged in the iphone, the computer would automatically make folders with photos that I took (and there'd be a folder for each date that I took photos), which was very helpful. With iphone 4, that is not happening ... How do I get that to happen? Thanks

  You need to check your autoplay settings, on your machine, for iPhone 4. Also setup your "Import Settings" to automatically make folders with photos.
  Message was edited by: anilsudhakaran

• Imovie video does not run on PC with quick time!!!

  I have produced a video on a Mac with imovie V 9.0.8 and exported via Quicktime. I tried to view the video on a PC with quicktime 7.7.3. Unfortunately this is not possible!! A simple link to a page with a number of third party suppliers should help! I do not have time and motivation to search in the jungle of codecs and secrets to find a correct solution. I do not understand apples policy. It is the most difficult thing to make a video and find a format that can be read with current software.
  What can be done?

  I have produced a video on a Mac with imovie V 9.0.8 and exported via Quicktime. I tried to view the video on a PC with quicktime 7.7.3. Unfortunately this is not possible!! A simple link to a page with a number of third party suppliers should help! I do not have time and motivation to search in the jungle of codecs and secrets to find a correct solution.
  What codec did you use for the export? I.e., It is most likely the video codec used for your export is causing the problem as it may not be included in the basic QT codec component package. (E.g., the Apple Intermediate Codec is only available on the Mac.)
  I do not understand apples policy. It is the most difficult thing to make a video and find a format that can be read with current software.
  If you exported the file for playback on a PC and selected or allowed a defaulted codec not available for the PC to be used, then the problem is self-inflected. The normal export combination would be H.264/AAC in an MOV, MP4, or M4V file container. Assuming the file was properly terminated and transferred between systems, any of these files should be playable in QT on your PC (as well as other third-party players like VLC, MPEG Streamclic, etc.)
  What can be done?
  The best option would probably be to re-export the project to any format known to be compatible with your PC QT install.

• Domain advanced audit policy not taking effect on DC.

  Hi.
   I'm having a strange problem getting an advance audit policy to take effect on one of my domain controllers, we'll call it DC1. I have two DCs on this network, and both are in the same OU, however behave wildly differently with the same policy.
  For example, on DC1 when I run group policy results wizard from GPMC, I can see the local policy/audit policy settings, but no settings for advanced audit configuration are shown. However, if I log into DC1 itself and look at local security policy,
  it shows settings in both areas.
  No matter what changes I made to either area in the domain policy nothing would change in the local security policy on the system when refreshing group policy on the DC. It was as if it were stuck somehow. If I used the auditpol /get /category:* command
  it showed default audit settings, and that's it.
  I figured I would try to clear them and set them manually, and so I did an auditpol /clear, and now it says No Auditing for all categories. In addition to this, I did a gpupdate /force and it still said no auditing in all cagegories after displaying them
  with auditpol /get /cagories:*. On DC2 which is in the same OU, when running the group policy result wizard, it shows both advance audit, and basic auditing settings being applied.
  If I look in the local security policy it shows no auditing for all basic audit settings, and all the advanced audit settings as being set. Which should be the case when Audit: force audit policy subcategory settings is set (which it is). However, unlike
  DC1, instead of showing No auditing, it shows all of the advanced audit configuration settings when I type auditpol /get /categories: * at the command prompt, and it's gpresults look good. I even cleared the audit policy off of DC2, and got it to show "no
  auditing" before doing a gpupdate, and all it's settings came back. Not so with DC1. DC1 seems to apply all other group policy settings without issue.

  Hi,
  Based on your description, we can use the command auditpol/clear to remove all audit settings, find the audit.csv file existing in the GPOs in which we configured audit settings,
  delete the audit.csv file, and then configure the audit setting via group policy to see if it works as expected.
  The path for the audit.csv file:
  %systemroot%\Sysvol\sysvol\domainname\Policies\GPOs\Machine\
  Microsoft\Windows NT\Audit
  In addition, regarding audit policy, the following blog can be referred to for more information.
  Getting the Effective Audit Policy in Windows 7 and 2008 R2
  http://blogs.technet.com/b/askds/archive/2011/03/11/getting-the-effective-audit-policy-in-windows-7-and-2008-r2.aspx
  TechNet Subscriber Support
  If you are TechNet Subscription user and have any feedback on our support quality, please send your feedback here.
  Best regards,
  Frank Shen

• IBooks Author. I am not allowed to sign in with my Apple ID on iTunes Connect when I am trying to publish my book in iBooks Author. I do not understand why because I have fulfilled the first steps creating an account and informed my IRS tax number...

  I am not allowed to sign in with my Apple ID on iTunes Connect when I am trying to publish my book in iBooks Author. I do not understand why because I have fulfilled the first steps creating an account and informed my IRS tax number...

  The recommendation is always to make another ID for use with a paid books account. And while I can't swear this is at the root of your issue, you should in any case reach out to Apple for assistance on this one, I think.
  Account Applications:
  [email protected]
  Global Phone Support
  We have expanded English-language publisher phone support. To make contacting the iBookstore support even easier, new local phone numbers are now available for Australia, France, Germany, Italy, Netherlands, Spain, and the U.K. Support is available Monday to Friday, from 7 a.m. to 5 p.m. (PT).
  Country
  Phone Number
  Australia
  1300 307 504
  Note that this is a low tariff number.
  France
  0805 540 117
  Germany
  0800 664 5307
  Italy
  800 915 902
  Netherlands
  0800 0201 578
  Spain
  900 812 687
  U.K.
  0800 975 0615
  U.S.
  +1 (877) 206-2092
  Toll-free from U.S. and Canada.
  Good luck

• Haveing problems with siri not understanding me

  having trouble with siri not understanding me.  could there be a glitch?

  I  just have a problem that when I ask Siri to schedule an appointment it directs me with a internet search with the words I just said.  So it understnads my words but seems to think I want to search for them rather than schedule the appointment or play the music.  I try Siri every couple of weeks and the response is so bad its worthless.

• I am not understanding this Bonjour photo sharing thing with front row.

  I just finished seting up my media center with a 37 inch Olevia. WOW
  Anyways, what I am not understanding is I have iphoto set up on the other two compuers as sharing photos and the MINI is set to see them. Do I have to have iPhoto RUNNING on the other two computers so that I can RETRIEVE the photos on the mini? That seems so wrong. Can I just access the other computers photos and view them on my wireless network to the mini? I thought this is what this bonjour is all about...or do I have to copy the photos to the mini for viewing?
  Thanks

  You are most welcome.
  I understand the frustration - but when you step back and think about reliability, it makes sense to have one application to do one thing. If front row had to handle the slide show - it would be bulky and whenever a new feature was developed (or bug fixed) - the code would have to be added and tested in both iPhoto and Front Row. By keeping front row thin, simple and intuitive - it gets to market cheaper and more reliably. Isn't that really why we use Mac?
  iPhoto's job is to organize pictures. A lot of sophisticated things happen to add value when you take those "pictures in a flat folder" and import them - color correction, cropping, rotation, grouping into an album, ordering of the photos, settings for the slide show - music, fade effect, ken burns/zoom, etc...
  I have those applications set to launch automagically when I log in and hide themselves so I never see them until needed. They sit there idle once they load until front row tickles them in the correct manner to feed data over the network to front row...
  If you really need some photos to stand alone, you can always export a slide show as a quick time movie. Front Row will play movies remotely with no application running on the other end.

• HT204053 The SIM card that you currently have installed in this iPhone is from a carrier that is not supported under the activation policy that is currently assigned by the activation server. This is not a hardware issue with the iPhone. Please insert ano

  sir have this error so what can i do The SIM card that you currently have installed in this iPhone is from a carrier that is not supported under the activation policy that is currently assigned by the activation server. This is not a hardware issue with the iPhone. Please insert another SIM card from a supported carrier or request that this iPhone be unlocked by your carrier. Please contact Apple for more information.

  It looks like the iPhone is locked to a carrier that is not the one you are trying to use.
  You need to determine which carrier it is locked to and then contact them to see if they are willing to authorise the unlocking of your iPhone.  As ManSinha mentioned, many carriers will only authorised the unlock if requested by the customer who had the contract with them for this iPhone.
  Remember that only the carrier who owns the lock on your Iphone can authorise Apple to unlock the iPhone in their servers.  You need to contact the carrier or have the previous owner of the iPhone request the unlocking.

• HT1937 the SIM card that you currently have installed in this iPhone is form a carrier that is not supported under the activation policy that is currently assigned by the activation server.this is not a hardware issue with the iphon. please insert another

  the SIM card that you currently have installed in this iPhone is form a carrier that is not supported under the activation policy that is currently assigned by the activation server.this is not a hardware issue with the iphon. please insert another SIM card from supported carrier or request that this iPhone be unlocked by your carrier.

  Similar issue
  here is the description
  I have similar message but for me the Verizon guys said they unlocked it and when I actually connected to iTunes using Verizon sim card and then did the restore as new iphone then everything worked well and at the end i saw the message "Congrats, your iphone is now unlocked" and then I did the set up as new iphone for my kid.
  Once new apple ID was set up, then I removed the verizon SIM and then inserted prepaid t-mobile sim card and after the phone booted up then I got the same message like  above...."not supported"
  What do i do now? I think the phone is unlocked right?
  Also do I need to insert Verizon SIM card and do restore as NEW and this time do not set up the iphone but change the SIM card and then set up or ?
  I am confused and other threads were talking that if you get congrats message then u shd be good to use other SIM cards....please help!!!

• HT1414 The Sim card that you currently have installed in this iphone is from a carrier that is not supprotedunder the activation policy that is currently assigned by the activation server. this is not a hardware issue with the iphone. please insert anothe

  The Sim card that you currently have installed in this iphone is from a carrier that is not supprotedunder the activation policy that is currently assigned by the activation server. this is not a hardware issue with the iphone. please insert another sim card from a supported carrier or request that this iphone be unlocked by your carrier.please contact apple for more information.

  I have similar message but for me the Verizon guys said they unlocked it and when I actually connected to iTunes using Verizon sim card and then did the restore as new iphone then everything worked well and at the end i saw the message "Congrats, your iphone is now unlocked" and then I did the set up as new iphone for my kid.
  Once new apple ID was set up, then I removed the verizon SIM and then inserted prepaid t-mobile sim card and after the phone booted up then I got the same message like  above...."not supported"
  What do i do now? I think the phone is unlocked right?
  Also do I need to insert Verizon SIM card and do restore as NEW and this time do not set up the iphone but change the SIM card and then set up or ?
  I am confused and other threads were talking that if you get congrats message then u shd be good to use other SIM cards....please help!!!

• Auditing with advanced audit policy

  I'm looking into advanced audit policy and recommendations.  
  What is the difference between "advanced audit policy configuration" and "auditpol.exe?"
  Once advanced audit policy is configured, where can I check the logs? Event Viewer?
  Should the advanced audit policy be configured on the Default Domain Policy or a separate policy on specific OUs?

  Hi,
  The basic security audit policy settings in Security Settings\Local Policies\Audit Policy and the advanced security audit policy settings in
  Security Settings\Advanced Audit Policy Configuration\System Audit Policies appear to overlap, but they are recorded and applied differently. When you apply basic audit policy settings to the local computer using Local Security Policy, you
  are editing the effective audit policy, so changes made to basic audit policy settings will appear exactly as configured in Auditpol.exe.
  There are a number of additional differences between the security audit policy settings in these two locations.
  There are nine basic audit policy settings under Security Settings\Local Policies\Audit Policy and 53 settings under
  Advanced Audit Policy Configuration. The settings available in
  Security Settings\Advanced Audit Policy Configuration address similar issues as the basic nine settings in
  Local Policies\Audit Policy but allow administrators to be more selective in the number and types of events to audit. For example, where basic audit policy provides a single setting for account logon, advanced audit policy provides four. Enabling
  the single basic account logon setting would be the equivalent of setting all four advanced account logon settings. In comparison, setting a single advanced audit policy setting does not generate audit events for activities you are not interested in. In addition,
  if you enable success auditing for the basic Audit account logon events setting, only success events will be logged for all account logon–related behaviors. In comparison, you can configure success auditing for one advanced account logon
  setting, failure auditing for a second advanced account logon setting, Success and failure auditing for a third advanced account logon setting—or no auditing, depending on the needs of your organization.
  The nine basic settings under Security Settings\Local Policies\Audit Policy were introduced in Windows 2000, and therefore are available to all versions of Windows released since then. The advanced audit policy settings were introduced in
  Windows Vista and Windows Server 2008. The advanced settings can only be used on computers running Windows 7, Windows Vista, Windows Server 2008 R2, or Windows Server 2008.
  For more information, please refer to the below link:
  Advanced Security Auditing FAQ
  http://technet.microsoft.com/en-us/library/ff182311(WS.10).aspx#BKMK_2
  Best Regards,
  Yan Li
  Yan Li
  TechNet Community Support

• Win7 desktops secpol and Local Sec Policy not showing auditing enabled

  ok, I thought I have this licked with a solution before,
  I have a Server 2008 R2 and Win7 Desktops where I have a Server 2008 GPO to Audit Events on the server and desktops, however at the desktops locally auditing is greyed out and displaying ‘no auditing’ but logs show auditing entries.
  At the Server 2008 R2 SP1 64
  Server
  Administrative Tools
  Group Policy Management
    Forest
    Domains
    My_Network_Name.com
    Default Domain Policy
    Edit
    Computer Configuration
    Policies
    Windows Settings
    Security Settings
    Local Policies
    Audit Policy
    Logon, Account, Etc all able to change Success, Fail
  However at the Windows 7 desktops the Local Security Policy, Local Policies, Audit Policies, all the policies have ‘no auditing’ however the local Win7 Event Logs are auditing.
  What would cause this to display ‘no auditing’ at the desktops and yet enter events locally and at the server
  Thank you
  B.

  Thanks,
  The Server 2008 R2 has this:
  System audit policy
  Category/Subcategory                      Setting
  System
    Security System Extension               No Auditing
    System Integrity                        No Auditing
    IPsec Driver                            No Auditing
    Other System Events                     Success and Failure
    Security State Change                   No Auditing
  Logon/Logoff
    Logon                                   Success and Failure
    Logoff                                  Success and Failure
    Account Lockout                         Success and Failure
    IPsec Main Mode                         No Auditing
    IPsec Quick Mode                        No Auditing
    IPsec Extended Mode                     No Auditing
    Special Logon                           No Auditing
    Other Logon/Logoff Events               Success and Failure
    Network Policy Server                   No Auditing
  Object Access
    File System                             No Auditing
    Registry                                No Auditing
    Kernel Object                           No Auditing
    SAM                                     No Auditing
    Certification Services                  No Auditing
    Application Generated                   Failure
    Handle Manipulation                     No Auditing
    File Share                              Failure
    Filtering Platform Packet Drop          No Auditing
    Filtering Platform Connection           No Auditing
    Other Object Access Events              No Auditing
    Detailed File Share                     No Auditing
  Privilege Use
    Sensitive Privilege Use                 No Auditing
    Non Sensitive Privilege Use             No Auditing
    Other Privilege Use Events              No Auditing
  Detailed Tracking
    Process Termination                     No Auditing
    DPAPI Activity                          No Auditing
    RPC Events                              No Auditing
    Process Creation                        No Auditing
  Policy Change
    Audit Policy Change                     Success and Failure
    Authentication Policy Change            Success and Failure
    Authorization Policy Change             Success and Failure
    MPSSVC Rule-Level Policy Change         No Auditing
    Filtering Platform Policy Change        No Auditing
    Other Policy Change Events              Success and Failure
  Account Management
    User Account Management                 No Auditing
    Computer Account Management             No Auditing
    Security Group Management               No Auditing
    Distribution Group Management           No Auditing
    Application Group Management            No Auditing
    Other Account Management Events         No Auditing
  DS Access
    Directory Service Changes               No Auditing
    Directory Service Replication           No Auditing
    Detailed Directory Service Replication  No Auditing
    Directory Service Access                No Auditing
  Account Logon
    Kerberos Service Ticket Operations      No Auditing
    Other Account Logon Events              No Auditing
    Kerberos Authentication Service         No Auditing
    Credential Validation                   No Auditing
   The Windows 7 Desktops have this:
  System audit policy
  Category/Subcategory                      Setting
  System
    Security System Extension               No Auditing
    System Integrity                        No Auditing
    IPsec Driver                            No Auditing
    Other System Events                     Success and Failure
    Security State Change                   No Auditing
  Logon/Logoff
    Logon                                   Success and Failure
    Logoff                                  Success and Failure
    Account Lockout                         Success and Failure
    IPsec Main Mode                         No Auditing
    IPsec Quick Mode                        No Auditing
    IPsec Extended Mode                     No Auditing
    Special Logon                           No Auditing
    Other Logon/Logoff Events               Success and Failure
    Network Policy Server                   No Auditing
  Object Access
    File System                             No Auditing
    Registry                                No Auditing
    Kernel Object                           No Auditing
    SAM                                     No Auditing
    Certification Services                  No Auditing
    Application Generated                   Failure
    Handle Manipulation                     No Auditing
    File Share                              Failure
    Filtering Platform Packet Drop          No Auditing
    Filtering Platform Connection           No Auditing
    Other Object Access Events              No Auditing
    Detailed File Share                     No Auditing
  Privilege Use
    Sensitive Privilege Use                 No Auditing
    Non Sensitive Privilege Use             No Auditing
    Other Privilege Use Events              No Auditing
  Detailed Tracking
    Process Termination                     No Auditing
    DPAPI Activity                          No Auditing
    RPC Events                              No Auditing
    Process Creation                        No Auditing
  Policy Change
    Audit Policy Change                     Success and Failure
    Authentication Policy Change            Success and Failure
    Authorization Policy Change             Success and Failure
    MPSSVC Rule-Level Policy Change         No Auditing
    Filtering Platform Policy Change        No Auditing
    Other Policy Change Events              Success and Failure
  Account Management
    User Account Management                 No Auditing
    Computer Account Management             No Auditing
    Security Group Management               No Auditing
    Distribution Group Management           No Auditing
    Application Group Management            No Auditing
    Other Account Management Events         No Auditing
  DS Access
    Directory Service Changes               No Auditing
    Directory Service Replication           No Auditing
    Detailed Directory Service Replication  No Auditing
    Directory Service Access                No Auditing
  Account Logon
    Kerberos Service Ticket Operations      No Auditing
    Other Account Logon Events              No Auditing
    Kerberos Authentication Service         No Auditing
    Credential Validation                   No Auditing

• HT201250 I do not understand how to restore my entire iTunes music library with Playlists and all?

  I do not understand how to restore my iTunes library inlcuding Playlists and all? In clearing out an older Powerbook I had not signed out of MobileMe when clearing iTunes. That deleted many songs and Playlists on the iMac and iPhone. Help is appreciated.

  And yes, I have a 500G external HD so I know the data is in there.

• My 5S is starting to scramble my calls so you can not understand the party you are speaking with, does anyone know why?

  My 5S is starting to "scramble" my calls so you can not understand the party on the other end.

  Basics from the manual are restart, reset, restore
  Have you tried all of these?

• It says SIM card is from a carrier that is not supported activation policy?

  after reseting my phone i am very stunned because it says that The SIM card that you currently have installed in this iPhone is from a carrier that is not supported under the activation policy that is currently assigned by the activation server. This is not a hardware issue with the iPhone. Please insert another SIM card from a supported carrier or request that this iPhone be unlocked by your carrier. Please contact Apple for more information.
       Cant understand what to do now...

  Sounds like the iPhone was hacked to be unlocked. When restoring an iPhone with iTunes that was hacked to be unlocked, the hack is removed and re-locked to the carrier the iPhone was sold as carrier locked with when new.