Enabling auditing without access control on a managed computer

If you only enable auditing, the agent captures detailed information about the command input and output in the login shell of the managed computer. All of the activity is stored in the Microsoft SQL Server database and available to you for queries and reports. However, there’s no role-based enforcement of what activity is allowed on the audited computer.