Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

Having trouble setting audit log for file access, changes and deletions in Windows Server 2003, SBS

Posted on 2008-10-09
2
Medium Priority
?
223 Views
Last Modified: 2013-12-04
I have set my Audit Objects on and have changed some files on the server, but still do not see these changes in the Event Viewer log.  I can see users logging in and out, but not file changes.  Am I looking in the right place?  I even added an audit in the folder I am most interested in and still see nothing.

I feel like I am missing a "switch" somewhere.

I have made setting changes in Domain Controller Policies and Domain Policies.  Could someone also tell me what the difference is in these two windows?

My concern is we have had entire folders disappear more than once and would like to see who may be doing this.

Thank you in advance for your help.
0
Comment
Question by:bunky9960
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 
LVL 4

Accepted Solution

by:
placebo69a earned 2000 total points
ID: 22682541
Turning on Audit Object Access is not enough for events to start popping up in your security log. You have to apply the auditing policy to specfic files or folders in order to catch events concerning those files and folders. This can be done by following the instructions in this article.
Let me know if this helps. :)
0
 

Author Closing Comment

by:bunky9960
ID: 31504689
Yes!  This worked great.  I can now track the file usage and see who is doing what they should not be doing.  Thanks again.
0

Featured Post

Threat Trends for MSPs to Watch

See the findings.
Despite its humble beginnings, phishing has come a long way since those first crudely constructed emails. Today, phishing sites can appear and disappear in the length of a coffee break, and it takes more than a little know-how to keep your clients secure.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

No security measures warrant 100% as a "silver bullet". The truth is we also cannot assume anything but a defensive and vigilance posture. Adopt no trust by default and reveal in assumption. Only assume anonymity or invisibility in the reverse. Safe…
ADCs have gained traction within the last decade, largely due to increased demand for legacy load balancing appliances to handle more advanced application delivery requirements and improve application performance.
In this video you will find out how to export Office 365 mailboxes using the built in eDiscovery tool. Bear in mind that although this method might be useful in some cases, using PST files as Office 365 backup is troublesome in a long run (more on t…
In this video, Percona Solutions Engineer Barrett Chambers discusses some of the basic syntax differences between MySQL and MongoDB. To learn more check out our webinar on MongoDB administration for MySQL DBA: https://www.percona.com/resources/we…
Suggested Courses

688 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question