Hello
It sounds like you're experiencing some issues with the advanced auditing group policy settings. Here are a few steps and considerations that might help resolve the issue:
Verify Policy Application: Ensure that the separate policy you created is correctly linked to the appropriate Organizational Unit (OU) and that it has higher precedence over other conflicting policies. You can use the gpresult /H c:\gpresults.html command to generate a report and verify which policies are being applied.
Audit: Force Audit Policy Subcategory Settings: You mentioned that this setting is turned on. This is crucial as it ensures that the advanced audit policy settings override the basic audit policy settings. Double-check that this setting is correctly configured in the policy.
Check for Conflicting Policies: Sometimes, local policies or other group policies might conflict with your advanced audit policy settings. Running auditpol /get /category:* can help you see the current audit policy settings and identify any discrepancies.
MDI Readiness Report: If the MDI readiness report shows that advanced auditing is turned off, it might be due to a delay in policy application or a conflict with another policy. Ensure that the policy is correctly applied and that there are no errors in the event logs related to group policy application.
Policy Refresh: Force a group policy update on the affected machines using the gpupdate /force command. This ensures that the latest policy settings are applied.
Consult with Experts: Given the complexity of group policies and advanced auditing, it might be helpful to consult with a Windows Online Support Expert.