Auditing file and folders Expand / Collapse
Author
Message
Posted 4/12/2016 2:26:38 AM
Forum Newbie

Forum NewbieForum NewbieForum NewbieForum NewbieForum NewbieForum NewbieForum NewbieForum Newbie

Group: Forum Members
Last Login: 4/6/2016 1:58:58 AM
Posts: 1, Visits: 0
in the group policy which is applied to the whole organization the audit object access under: Policies\Windows Setting\Security Setting\Local Policies/Audit policy is enabled for both success and failure. Is this enough to obtain all logs for all files and folders.
I have noticed that in folder properties, if we choose security -> advanced ->auditing we can choose users from AD that we want to monitor. Does this mean that we have to choose the users for all files and folders? Or is the group policy is enough?
Post #5194
Posted 4/24/2016 7:20:21 PM
Supreme Being

Supreme BeingSupreme BeingSupreme BeingSupreme BeingSupreme BeingSupreme BeingSupreme BeingSupreme Being

Group: Moderators
Last Login: 11/14/2013 3:17:47 PM
Posts: 237, Visits: 0
Enabling the group policy settings that you describe allows the events to be generated. You still have to configure which files that you want to monitor and for what users. You could select auditing on the main drive for the user "Everyone" to accomplish what you are asking. This is not advised since this will generate an ENORMOUS amount of events. File access auditing works well in targeted scenarios.
Post #5197
« Prev Topic | Next Topic »


Permissions Expand / Collapse

All times are GMT -5:00, Time now is 4:09am