Solved

File Server Auditing

Posted on 2008-10-01
3
351 Views
Last Modified: 2012-08-13
Hi,

   I have a client who has as she says a "ghost moving files from folders to other folders" within her organization.  She feels that nobody could possibly be moving them because they are a small office and everyone is as confused as she is.   Be that as it may, I have never seen a ghost in a server so I'm sure that someone is moving them around, possibly by accident.  Anyway, I want to enable secury settings so I go to secpol.msc and go to local machine.  I want to audit the access to particular folders so I try to audit object access (I think this is the right thing to enable) and when I go to properties, where I want to "Audit these attempts: ", the check boxes for success and failure are both grayed out.  Is there a process I need to make sure is started before I can do this?  Please let me know....
0
Comment
Question by:Greg612
3 Comments
 
LVL 18

Accepted Solution

by:
Americom earned 500 total points
ID: 22621123
Those are grayed out probably you have Domain Group Policy enable.

Anyway, to enable auditing on file server for specific volume, folder, or file, you need to logon to the file server and select the interested data to audit.
For example, if you want to audit a folder, right-click on the folder-->properties-->Security-->Advanced-->Auditing--Add. Select the group or users that you want to audit. Once you locate the user or group, you will see all the Accesses for are looking for.

0

Featured Post

Best Practices: Disaster Recovery Testing

Besides backup, any IT division should have a disaster recovery plan. You will find a few tips below relating to the development of such a plan and to what issues one should pay special attention in the course of backup planning.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Have you considered what group policies are backwards and forwards compatible? Windows Active Directory servers and clients use group policy templates to deploy sets of policies within your domain. But, there is a catch to deploying policies. The…
INTRODUCTION The purpose of this document is to demonstrate the Installation and configuration of the Data Protection Manager product. Note that this demonstration was prepared on the basis of Windows OS is 2008 R2 and DPM 2010. DATA PROTECTI…
Windows 8 came with a dramatically different user interface known as Metro. Notably missing from that interface was a Start button and Start Menu. Microsoft responded to negative user feedback of the Metro interface, bringing back the Start button a…
With the advent of Windows 10, Microsoft is pushing a Get Windows 10 icon into the notification area (system tray) of qualifying computers. There are many reasons for wanting to remove this icon. This two-part Experts Exchange video Micro Tutorial s…

829 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question