Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 581
  • Last Modified:

Auditing User Access of Files, Folders for window 2003 default enable

Hi Experts ,

I asking question for my HR manager who work in my company . we have window 2003 server standard edition as file server , He asked me default gpo policy for auditing user access of files are enable by default , Is it correct . Someone has links that  can proof default window server 2003 domain controller gpo policy is not enable by default .

B.rgds
0
mgzawmyomin
Asked:
mgzawmyomin
  • 2
2 Solutions
 
Leon FesterIT Project Change ManagerCommented:
There is some auditing enabled by default, but not at the level that you want/need.

It can be done pretty easily via GPO or on specific folders even.
http://msmvps.com/blogs/richardwu/archive/2010/07/16/enabling-file-and-folder-auditing.aspx
http://technet.microsoft.com/en-us/library/cc738931(v=ws.10).aspx
http://support.microsoft.com/kb/325898


But more importantly, make sure that the folders are restricted so that only users with the neccessary permissions can view those folders.

Especially with the HR department, nobody besides HR should have access to their shared folders/network storage locations otherwise anybody will be able to see confidential information.
0
 
KCTSCommented:
There is no auditing of folder or file access by default - if you want to switch it on then you first have to enable auditing of object access

Once that's done then for each folder (or file) you want to audit, you can set which users and which events should be recorded
0
 
KCTSCommented:
opps - I forgot the link

http://support.microsoft.com/kb/310399

This is for XP but all versions of windows are similar
0
 
JustMy2CentsCommented:
Problem is, native File System Auditing in Windows servers is really cumbersome to analyze (especially for non-IT staff like HR) because event logs contain tons of low-level information and noise.

You should consider using a 3rd-party software solution called FileAudit, that tracks, audits, reports and alerts on all access to files and folders on Windows servers.

Detailed info and trial:
http://www.isdecisions.com/products/fileaudit

I also noticed the availability of FileAudit 4 beta version:
http://blog.isdecisions.com/post/37190108134/fileaudit-4-join-the-beta-testing-program-enter-to
0

Featured Post

Free Tool: Site Down Detector

Helpful to verify reports of your own downtime, or to double check a downed website you are trying to access.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now