• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 3329
  • Last Modified:

Tracking User File Access and Activity in Active Directory

I need to be able to track user's acess to files and determine whether or not they copy the files to another PC or media, etc.  I'm running a combination of Windows 2000 and 2003 servers and Windows XP Pro clients in an Acitve Directory environment.  Is there some policy I can set up to log this specific informaiton?  If so, how would that be set up?  Or, is there some third party software I need to get?  
0
Tenrags
Asked:
Tenrags
  • 2
  • 2
1 Solution
 
bbaoIT ConsultantCommented:
> I need to be able to track user's acess to files and determine whether or not they copy the files to another PC or media, etc.

basically, if you only use built-in functionalities of MS OSes, you need to enable security audit on the servers (where the files are from) and the client computers (where the files to be copied to). commonly you should audit a few security-sensitive resources only, not all resources on servers and client computers, as it will generate huge logs in system events, and probably reduce performance.

to enable security audit, run GPEDIT.MSC at command prompt to enter Group Policy MMC, under Computer Configuration | Windows Settings | Security Settings | Local Policies | Audit Policy, choose the event types to be audit.

to audit a specific file or folder, go to Windows Explorer, right-click the file/folder name, choose Properties | Security | Advanced | Auditing, add the items to be audited.

for more information regarding security audit on Windows, please read the following MS official article.

How to enable and apply security auditing in Windows 2000
http://support.microsoft.com/kb/300549

hope it helps,
bbao
0
 
TenragsAuthor Commented:
Thanks.  It looks as if this only logs success/failure of object access.  Anything out there that would tell me if the files/folders were copied and possibly where they were copied to?
0
 
bbaoIT ConsultantCommented:
> if the files/folders were copied

in server side logs

> and possibly where they were copied to

in client side logs
0
 
TenragsAuthor Commented:
Thanks bbao.
0

Featured Post

Creating Active Directory Users from a Text File

If your organization has a need to mass-create AD user accounts, watch this video to see how its done without the need for scripting or other unnecessary complexities.

  • 2
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now