Solved

Auditing Security Events

Posted on 2009-04-02
2
299 Views
Last Modified: 2012-05-06
I want to set auditing on only one Shared folder on a server that holds home folders for users and a shared department data folder. I want to capture folder moves, creations, deletions and security changes to the folders using the built in auditing features of Windows 2003. I know that this can potentially make my security event logs get very big.

Does anyone have suggestions or recommendation on how to do this?
0
Comment
Question by:Y2KBDS
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 
LVL 70

Accepted Solution

by:
KCTS earned 500 total points
ID: 24050671
First you need to go to the Local Security Policy and go to the Audit Policy and enable the auditiong of Object Access (as you only want to record whrn something has happend just select "success"

Then on the folder go to Security->Advanced and select the auditing tab. Add the group(s) you want to monitor (or use Everyone), and then specify the events to be logged.
0
 
LVL 2

Expert Comment

by:netskyb0
ID: 24050690
Standard procedure:

Open GP Management on your server and in computer security policy you have to enable "object auditing" then right click the folder you interested in auditing and go to properties, then click "security", advanced and "auditing" then create policy for auditing for users, actions and so on.
0

Featured Post

Enroll in June's Course of the Month

June’s Course of the Month is now available! Experts Exchange’s Premium Members, Team Accounts, and Qualified Experts have access to a complimentary course each month as part of their membership—an extra way to sharpen your skills and increase training.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Email attacks are the most common methods for initiating ransomware and phishing scams. Attackers want you to open an infected attachment or click a malicious link, and unwittingly download malware to your machine. Here are 7 ways you can stay safe.
This article provides a convenient collection of links to Microsoft provided Security Patches for operating systems that have reached their End of Life support cycle. Included operating systems covered by this article are Windows XP,  Windows Server…
Nobody understands Phishing better than an anti-spam company. That’s why we are providing Phishing Awareness Training to our customers. According to a report by Verizon, only 3% of targeted users report malicious emails to management. With compan…
This video Micro Tutorial shows how to password-protect PDF files with free software. Many software products can do this, such as Adobe Acrobat (but not Adobe Reader), Nuance PaperPort, and Nuance Power PDF, but they are not free products. This vide…

717 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question