How to enable audit policies required for the initiator detection

To enable audit policies required for the initiator detection:

1. From the Domain Controller, navigate to Start > Administrative Tools > Group Policy Management.

2. From the console tree, click the name of your forest > Domains > your domain. Right-click the relevant Default Domain or Domain Controllers Policy (or create your own policy), and then click Edit.

3. Under Computer Configuration, click Policies > Windows Settings > Security Settings > Advanced Audit Policy Configuration > Audit Policy, then double-click the relevant policy setting.

4. Enable the following policies for Cayosoft Guardian:

   1. Select the Logon/Logoff policy and enable Success events for the Audit Account Lockout subcategory.

   2. Select the Account Management policy and enable Success events for the Audit User Account Management subcategory

   3. Select the Account Management policy and enable Success events for the Audit Security Group Management subcategory.

   4. Select DS Access. The value of Directory Service Access should be set to Success.