user.ignore.audit.level

This configuration parameter is no longer used except for backward compatibility. It has been replaced by the nss.user.override.auditlevel parameter. This configuration parameter specifies the audit level setting for the user that you want to ignore for authentication and lookup requests in Active Directory. In most cases, you use this parameter when you have specified local user accounts that do not have a corresponding user account in Active Directory, but for which you want to audit session activity. By default, the users you specify for the uid.ignore or user.ignore parameter are audited if auditing is enabled and the auditing service (dad) is running on the local computer (audit if possible). You can disable the auditing of user activity for the users specified by the uid.ignore or user.ignore parameter by setting this parameter value to one (1). For example, if you don’t want to audit activity for the users specified in uid.ignore or user.ignore list, set the parameter as follows:

user.ignore.audit.level: 1

You cannot require auditing for the users specified in uid.ignore or user.ignore list because those users would be unable to log on if the auditing service stops running or is removed from a local computer. To prevent users from being locked out, you can only set this parameter to audit if possible (0) or no auditing (1).