Wednesday, December 3, 2008

How to Enable WINLOGON Logging

Logging for the Microsoft Windows Security Configuration Client (also known as "SceCli") component during Group Policy processing helps in troubleshooting user rights, group memberships and security policies, (for example, password policy or account restrictions) that have been set using Group Policies.

245422 How to Enable Logging for Security Configuration Client Processing in
http://support.microsoft.com/?id=245422 

Value Path: HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\GPExtensions\{827D319E-6EAC-11D2-A4EA-00C04F79F83A}
Value Name: ExtensionDebugLevel
Value Type: REG_DWORD
Value Data: 2 (hex)
Output: %Systemroot%\security\logs\winlogon.log
Note: 
To immediately generate logging output, type the following command at a command prompt on the client:
On Windows 2000:
"secedit /refreshpolicy machine_policy /enforce" (without the quotation marks)
On Windows XP and 2003:
"gpupdate /force" (without the quotation marks)
  















Labels: