Local Security Policy on Server Core

Hi!

 

I have installed STAS on a 2016 Server Core, but all my users has an account logon type 1.

Sophos is 17.5.5 MR5 and STAS is 2.2.3.0.

 

I am having some problems with some users not being able to authenticate through SSO, only opening the web portal.

I think it may be related to the account logon in local security policy, because theres no event 4768 in event log, but how can i change the audit account logon on server core?

I know about the secedit command, but i am afraid to import the security settings of another server into my AD Server.

 

Theres another way?

 

Thanks