This topic for the IT professional describes the Advanced Security Audit policy setting, Audit Certification Services, which determines whether the operating system generates events when Active Directory Certificate Services (AD CS) operations are performed.
Examples of AD CS operations include:
1. AD CS starts, shuts down, is backed up, or is restored.
2.Certificate revocation list (CRL)-related tasks are performed.
3. Certificates are requested, issued, or revoked.
4. Certificate manager settings for AD CS are changed.
5. The configuration and properties of the certification authority (CA) are changed.
6. AD CS templates are modified.
7. Certificates are imported.
8. A CA certificate is published to Active Directory Domain Services.
9. Security permissions for AD CS role services are modified.
10. Keys are archived, imported, or retrieved.
11. The OCSP Responder Service is started or stopped.