Why is an Event ID generated for a user but not for a group?

Thread starter Windows 10
Start date Mar 12, 2025

Mar 12, 2025

Windows 10

Active Members

Hello,I enabled Audit Policy through the following method:Open the Local Group Policy Editor (gpedit.msc).Navigate to Windows Settings -> Security Settings -> Advanced Audit Policy Configuration -> Object Access.Open the Audit File System policy and check "Success".Update Group Policy Settings:Run the command "gpupdate /force" in Command Prompt to apply the changes.Then I set the Audit policy for the folder and selected a group from the select a principal section. For the group, only ID 4663 is created and ID 4660 is not generated, but when I select a user instead of a group, both IDs

Continue reading...

You must log in or register to reply here.

Similar threads

Why is an Event ID generated for a user but not for a group?

Replies: 0

Views: 8

Mar 12, 2025

Microsoft Windows

Why is ID 4660 not being generated?

Replies: 0

Views: 8

Mar 10, 2025

Microsoft Windows

No Windows security event is generated for adding a user account to local administrators'group

Replies: 0

Views: 13

Mar 3, 2025

Windows 11

No Windows security event is generated for adding a user account to local administrators'group

Replies: 0

Views: 6

Mar 3, 2025

Microsoft Windows

Group policy 'Prohibit New Task Creation’ is applied and the gpo has 'won' but a standard user can still create a scheduled task

Laura_468
Nov 25, 2024
Malware, Virus Protection & Windows Update

Replies: 0

Views: 13

Nov 25, 2024

Laura_468

Facebook X Bluesky LinkedIn Reddit Pinterest Tumblr WhatsApp Email Link

This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
By continuing to use this site, you are consenting to our use of cookies.

Accept Learn more…

Back

Top