Referencing the Microsoft TechNet article titled How to Manage User Device Affinity in Configuration Manager @ http://technet.microsoft.com/en-us/library/gg699365.aspx
How to configure the site to automatically create user device affinities
Use the following procedure to enable your Configuration Manager site to automatically create user device affinities from usage data that is reported by client devices.
Configuration Manager reads data about user logons from the Windows Event log. To be able to automatically create user device affinities, you must enable the following two settings from the local security policy on client computers to store logon events in the Windows Event log.
- Audit account logon events
- Audit logon events
You can use Windows Group Policy to configure these settings.
Be careful implementing these policies in Windows XP. By default the Event Log retention policy is 7 days and it is very likely to fill up the Security Event Log. Standard users will not be able to logon if the event log is full. To prevent this problem, also implement this policy in the GPO path Computer Configuration \ Policies \ Windows Settings \ Security Settings \ Event Log
- Retention Method for security log = Overwrite events as needed
I also suggest making the event logs larger so sufficient data will exist for UDA. I recommend 5-20 MB for the Event Logs. This can be scripted and deployed via SCCM or just lock the value using this GPO
- Maximum security log size = 20480 KB
Chad April 3, 2013
Posted In: ConfigMgr