If you've configured Mi-Token Reporting but are not seeing authentication events show up in the reports, here are some things to check:
- Restart the Mi-Token AD LDS service and check its event log to confirm it has the necessary privileges to generate audit events.
- Confirm that the Windows security policy on the Mi-Token server is configured to audit directory service access events. You should see these events being logged in the Windows Security event log.
- Verify the Mi-Token Audit Helper service is running on the Mi-Token authentication server. This service collects the relevant security events and forwards them to the Reporting database.
- Check that the Audit Helper service is successfully connecting to the Reporting database and storing the collected events. You can see this in the Mi-Token event log.
- If you recently changed the audit policy on the Mi-Token server, run gpupdate /force to ensure the new policy is in effect.
If the authentication events are being generated and collected by the Audit Helper but still not showing up in the Reporting console, there may be an issue with the reporting database or web application. Check the Reporting server logs for any errors. If you can't resolve the issue, contact Mi-Token support with relevant details for assistance.