Skip to content

Setup Windows Audit

Jump to bottom
EdVassie edited this page Aug 16, 2018 · 2 revisions
Previous Setup Power Configuration Manual Install Setup Firewall Port Exceptions Next

FineBuild can set up the Windows Audit processing to improve security monitoring for SQL Server.

Security Compliance

Setup Windows Audit configuration helps to log use of sensitive facilities and securely log any violations. If you setup Security Compliance then Setup Windows Audit configuration will always be implemented.

Group Policy Management

The Setup Windows Audit configuration can be enforced by Group Policy Management.

FineBuild Windows Audit Processing

Automated configuration of Windows Audit relates to Process Id 1CE in the FineBuild1Preparation script, and is controlled by the parameter below:

SQL Version Parameter FULL Build WORKSTATION Build CLIENT Build
SQL2019 /SetupWinAudit: Yes No Yes
SQL2017 /SetupWinAudit: Yes No Yes
SQL2016 /SetupWinAudit: Yes No Yes
SQL2014 /SetupWinAudit: Yes No Yes
SQL2012 /SetupWinAudit: Yes No Yes
SQL2008R2 /SetupWinAudit: Yes No Yes
SQL2008 /SetupWinAudit: Yes No Yes
SQL2005 /SetupWinAudit: Yes No Yes

Setup of Windows Audit is not performed automatically for Workstation Build as this type of installation often has conflicting demands for audit requirements.

Top

Manual Setup Windows Audit Processing

The following steps show what you would have to do to setup Windows Audit manually. FineBuild does all of this work for you automatically.

This processing should always be performed for a Server or Client Build, but may not be required for a Workstation build.

Windows Audit configuration can be performed either by using a GUI or by the command line. The examples below show both options.

GUI Configuration of Windows Audit

The example below shows how Windows Audit configuration be performed using a GUI

  1. Select Settings -> Control Panel -> Administrative Tools -> Local Security Policy to open the Local Security Policy GUI

  2. Navigate to Local Policy -> Audit Policy then set the values shown below:

    Local Security Settings

Command Line configuration of Windows Audit

The example below shows how Windows Audit configuration be performed using the command line

  1. Run the following commands:
  AUDITPOL /set /Category:"Account Logon"      /success:enable  /failure:enable
  AUDITPOL /set /Category:"Account Management" /success:enable  /failure:enable 
  AUDITPOL /set /Category:"DS Access"          /success:enable  /failure:enable
  AUDITPOL /set /Category:"Logon/Logoff"       /success:enable  /failure:enable
  AUDITPOL /set /Category:"Object Access"      /success:enable  /failure:enable 
  AUDITPOL /set /Category:"Policy Change"      /success:enable
  AUDITPOL /set /Category:"Privilege Use"      /success:enable  /failure:enable 
  AUDITPOL /set /Category:"Detailed Tracking"  /success:disable /failure:disable 
  AUDITPOL /set /Category:"System"             /success:enable

Copyright FineBuild Team © 2017 - 2018. License and Acknowledgements

Previous Setup Power Configuration Top Setup Firewall Port Exceptions Next

Key SQL FineBuild Links:

SQL FineBuild supports:

  • All SQL Server versions from SQL 2019 through to SQL 2005
  • Clustered, Non-Clustered and Core implementations of server operating systems
  • Availability and Distributed Availability Groups
  • 64-bit and (where relevant) 32-bit versions of Windows

The following Windows versions are supported:

  • Windows 2022
  • Windows 11
  • Windows 2019
  • Windows 2016
  • Windows 10
  • Windows 2012 R2
  • Windows 8.1
  • Windows 2012
  • Windows 8
  • Windows 2008 R2
  • Windows 7
  • Windows 2008
  • Windows Vista
  • Windows 2003
  • Windows XP
Clone this wiki locally