ADMT promting to enable auditing on domain controllers even though auditing is enabled

I’m currently in the middle of an Active Directory Forest consolidation project. Basically a customer with three separate Active Directory Forests is merging them into a single Active Directory Domain.

We enabled auditing on the domain controllers according to the ADMT guide, this is necessary to allow sid history migration. However every time we ran the ADMT tool we would receive an error stating that Auditing was not enabled and asking us if we would like to enable it.

ADMT-enable_auditing1

After clicking yes two things would happen.

1. The user migration would fail to migrate with SID history.

2. The auditing in the Default Domain Controller GPO would revert to Un-configured.

After a lot of digging around we finally found the solution.

Open the GPO and navigate to the Advanced Auditing Policies and enable auditing for all the options under Account Management to Success & Failure & DS Access to Success.

Advanced_Auditing

 

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s