Go Up
You are here: DeploymentConfigure IT InfrastructureWindows ServerConfigure Windows Registry Audit Settings

Configure Windows Registry Audit Settings

Windows Registry audit permissions must be configured so that the “Who” and “When” values are reported correctly for each change. Configure these settings on each Windows server you want to audit. Netwrix recommends using automatic audit configuration for more granular auditing. If you want to configure Windows Registry manually, follow the instructions below.

The following audit permissions must be set to "Successful" for the HKEY_LOCAL_MACHINE\SOFTWARE, HKEY_LOCAL_MACHINE\SYSTEM and HKEY_USERS\.DEFAULT keys:

  • Set Value
  • Create Subkey
  • Delete
  • Write DAC
  • Write Owner

Perform one of the following procedures depending on the OS version:

Go Up