I am aware that this is a "how long is a piece of string question" but here we go...
For a single domain - single subnet - single site environment, but wanting to keep some information for monitoring attempts to logon with invalid passwords, connections of non-domain computers, account lockout and so on (how long is the other piece of string?)...
There are all sorts of new settings in Advanced Audit Policy which I imagine many admins of these sorts don't look at because they have inherited something from way back when (or SBS).
I thought : easy - install a new Server 2012 R2, promote to Domain Controller and see what is set up: well the answer is NOTHING as far as I can see.
Help, comments, guidelines?
CarolChi