Environment
Directory & Resource Administrator 8.5
Directory & Resource Administrator 8.5 SP1
Directory & Resource Administrator 8.6
Directory & Resource Administrator 8.5 SP1
Directory & Resource Administrator 8.6
Situation
How do I re-enable DRA to write events to the Application Event log in DRA 8.5 and later?
Why does DRA no longer write events to the Application Event log?
Why does DRA no longer write events to the Application Event log?
Resolution
By default, Directory & Resource Administrator (DRA) versions 8.5 and later no longer write audit changes made by Administrators to the Windows Application Event Logs. While basic service events are still recorded, change history type events are now written to an internal database that is more secure. To re-enable DRA to also write these events to the Windows Application Event Log again, perform the following steps:
- Open regedit and browse to the following registry key:
- \Software\Mission Critical Software\OnePoint\Administration\Modules\ServerConfiguration
- Create a new DWORD key and name it: IsNTAuditEnabled
- Give the key a value of 1.
- Restart the NetIQ Administration Service.
Additional Information
Formerly known as NETIQKB72742
This registry change is not replicated amongst all DRA servers as part of the MMS sync. This change will need to be made to each DRA server that the event logging is desired to be re-enabled on.
This registry change is not replicated amongst all DRA servers as part of the MMS sync. This change will need to be made to each DRA server that the event logging is desired to be re-enabled on.