Forum

Ultimate Windows Security Forum » Security Log » 4647 - User initiated logoff » How to puch events 4647, 4634, 551, and 538...

How to puch events 4647, 4634, 551, and 538...

Rate Topic

Display Mode

Topic Options

Author

Message

bcuser

Posted 7/27/2010 11:32:49 AM

Forum Newbie

Group: Forum Members
Last Login: 7/27/2010 11:23:57 AM
Posts: 1, Visits: 0

Hi,

Is there a way to push these local workstation events to a domain controller? It seems with "Audit Account Logon Events" you can get the logon events to be logged on the domain controller that handles that logon, but is there a way to get the logoff events pushed as well?

Thanks,
Todd

Post #419

« Prev Topic | Next Topic »

Permissions

All times are GMT -5:00, Time now is 9:21am

Upcoming Webinars

AD Audits: Top 7 Questions to Answer When Auditors Look at Account Management and Access Control in Active Directory

Additional Resources

Home

Forum

User name:
Password:
	/ Forgot?
	Register

Home

About | Contact

Ultimate Windows Security is a division of Monterey Technology Group, Inc. ©2006-2008 Monterey Technology Group, Inc. All rights reserved.
Disclaimer: We do our best to provide quality information and expert commentary but use all information at your own risk.