Solved

Audit Specific Folders on Windows 2003 Server

Posted on 2007-03-21
2
358 Views
Last Modified: 2009-08-19
Here are the facts:

I have a server that holds a ton of information that is accessed by 5000 employees
I want to audit object access on one folder, and one folder only

I have seen a lot of information on this subject and they all say the same thing:

Step One - Go to the group policy editor and turn on successful events for Audit Object Access
and
Step Two - Go to the folder I want to audit and add the group or users I want to audit,  then select the "actions" you want to audit

I have already learned that doing step two without step one produces zero results. HERE IS THE REAL QUESTION. If I do step one, but dont define a folder to audit, will it start filling up my security log with stuff, OR, Is step two required to get any results at all.

Thanks in advanve for your help.

0
Comment
Question by:phishyman2
2 Comments
 
LVL 48

Accepted Solution

by:
Jay_Jay70 earned 250 total points
ID: 18767529
step two is required...... you have to have both configured or nothing will work
0
 

Expert Comment

by:zorba111
ID: 25137072
NO !!

If you do step 1 on its own, you get a whole load of access events by default for things you haven't even told the system you want to monitor !!

I  think that a lot of things like the registry and system folders log acces events as soon as a GPO enables a "Object Access Policy".
0

Featured Post

Efficient way to get backups off site to Azure

This user guide provides instructions on how to deploy and configure both a StoneFly Scale Out NAS Enterprise Cloud Drive virtual machine and Veeam Cloud Connect in the Microsoft Azure Cloud.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

On July 14th 2015, Windows Server 2003 will become End of Support, leaving hundreds of thousands of servers around the world that still run this 12 year old operating system vulnerable and potentially out of compliance in many organisations around t…
ADCs have gained traction within the last decade, largely due to increased demand for legacy load balancing appliances to handle more advanced application delivery requirements and improve application performance.
Windows 10 is mostly good. However the one thing that annoys me is how many clicks you have to do to dial a VPN connection. You have to go to settings from the start menu, (2 clicks), Network and Internet (1 click), Click VPN (another click) then fi…
As a trusted technology advisor to your customers you are likely getting the daily question of, ‘should I put this in the cloud?’ As customer demands for cloud services increases, companies will see a shift from traditional buying patterns to new…

863 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

27 Experts available now in Live!

Get 1:1 Help Now