I've been messing around with security audit policies and I can get one win2k server that is not connected to a domain to log an RDP connection IP for successful connections. I implemented the same ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results