Copy the below contents to a notepad and save the file as name.ps1 and run the script using power-shell. Audit policy would be updated . Make the required changes for success and failure according to your requirement.
Audit Policy Location
- Start – Run – Secpol.msc – Security Settings – Local Policy – Audit Policy .
” `n ”
auditpol /set /category:”object access” /success:enable /failure:enable
” Object Access – Policy Updated”
” `n ”
auditpol /set /category:”account logon” /success:enable /failure:enable
” Account Logon – Policy Updated”
” `n ”
auditpol /set /category:”policy change” /success:enable /failure:enable
” Policy Change – Policy Updated”
” `n ”
auditpol /set /category:”account management” /success:enable /failure:enable
” Account Management – Policy Updated”
” `n ”
auditpol /set /category:”ds access” /success:disable /failure:enable
” DS Access – Policy Updated”
” `n ”
auditpol /set /category:”privilege use” /success:disable /failure:enable
” Privilege Use – Policy Updated”
” `n ”
auditpol /set /category:”system” /success:disable /failure:enable
” System – Policy Updated”
” `n ”
auditpol /set /category:”logon/logoff” /success:enable /failure:enable
” Logon/Logoff – Policy Updated”
” `n ”
start-sleep -s 3
Formatting the system is not always the solution 