Audit Application Group Management

Applies To: Windows 7, Windows Server 2008 R2

This security policy setting determines whether the operating system generates audit events when application group management tasks are performed, such as:

  • An application group is created, changed, or deleted.

  • A member is added to or removed from an application group.

Event volume: Low

Default: Not configured

If this policy setting is configured, the following events are generated. The events appear on computers running Windows Server 2008 R2, Windows Server 2008, Windows 7, or Windows Vista.

Event ID Event message

4783

A basic application group was created.

4784

A basic application group was changed.

4785

A member was added to a basic application group.

4786

A member was removed from a basic application group.

4787

A non-member was added to a basic application group.

4788

A non-member was removed from a basic application group.

4789

A basic application group was deleted.

4790

An LDAP query group was created.