Active Directory User Permissions

The Active Directory user configured in the Application configuration below must be granted permissions to manage the audit settings of the domain objects, as well as to access the Domain Controller event logs.

1. Grant Manage Auditing and Security Log Privilege

   1. Open Default Domain Controller Policy on a DC.
   2. • Navigate to Computer Configuration > Policies > Windows Settings > Security Settings > Local Policies > User Rights Assignment and set the following settings:
      • Open Manage auditing and security log by double clicking or pressing Enter.
      • Add the domain user to the Users/Groups list.

   The syntax of the user added to the list must be Domain\User.

2. Add the user to the “Event log readers” security group.