Solved

Auditing Security Events

Posted on 2009-04-02
2
291 Views
Last Modified: 2012-05-06
I want to set auditing on only one Shared folder on a server that holds home folders for users and a shared department data folder. I want to capture folder moves, creations, deletions and security changes to the folders using the built in auditing features of Windows 2003. I know that this can potentially make my security event logs get very big.

Does anyone have suggestions or recommendation on how to do this?
0
Comment
Question by:Y2KBDS
2 Comments
 
LVL 70

Accepted Solution

by:
KCTS earned 500 total points
ID: 24050671
First you need to go to the Local Security Policy and go to the Audit Policy and enable the auditiong of Object Access (as you only want to record whrn something has happend just select "success"

Then on the folder go to Security->Advanced and select the auditing tab. Add the group(s) you want to monitor (or use Everyone), and then specify the events to be logged.
0
 
LVL 2

Expert Comment

by:netskyb0
ID: 24050690
Standard procedure:

Open GP Management on your server and in computer security policy you have to enable "object auditing" then right click the folder you interested in auditing and go to properties, then click "security", advanced and "auditing" then create policy for auditing for users, actions and so on.
0

Featured Post

Windows Server 2016: All you need to know

Learn about Hyper-V features that increase functionality and usability of Microsoft Windows Server 2016. Also, throughout this eBook, you’ll find some basic PowerShell examples that will help you leverage the scripts in your environments!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

It’s a strangely common occurrence that when you send someone their login details for a system, they can’t get in. This article will help you understand why it happens, and what you can do about it.
These days, all we hear about hacktivists took down so and so websites and retrieved thousands of user’s data. One of the techniques to get unauthorized access to database is by performing SQL injection. This article is quite lengthy which gives bas…
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, Just open a new email message.  In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
A simple description of email encryption using a secure portal service. This is one of the choices offered by The Email Laundry for email encryption. The other choices are pdf encryption which creates an encrypted pdf of your email and any attachmen…

867 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

16 Experts available now in Live!

Get 1:1 Help Now