Configuring policy setting in this category can help you document domain attempts to authenticate account data, either to a domain controller or a local Security Accounts Manager (SAM). Unlike Logon/Logoff policy settings and events, which track attempts to access a particular computer, settings and events in this category focus on the account database being used.