Hi,
we have 2k8R2 domain controller with NPS service on it. Due to frequent blocking one of accounts, I would like to set a logging on DC to determine which station causes multiple user login.
The Default Domain Controllers Policy looks OK:
But there are no events in security log on DC (there is only one DC in this environment).
This is the "Default Domain Policy":
I also discovered that there are no events for Network Policy Server - it is installed on DC and works as NAP.