• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 369
  • Last Modified:

audit forMS 2008 server R2

I wanted to know what auditing is available for MS server 2008 R2?  Lately, we've had issues with someone in our  team owning up to modifying share and ntfs permissions on a particular server and/or folders and we wanted to audit these changes.  What's available within the MS world for this challenge?  Lastly, what if we go outside MS world?
0
uppercut7141
Asked:
uppercut7141
1 Solution
 
Tony GiangrecoCommented:
Unless you already have enabled any of the items found in the Local Security Policy, only the default items will be logged. Those logs are found in the security log of the event viewer.

You can open the options for Audit Policy and enable the options. After enabling them, you should see more logging occur as events happen.
0
 
MisterTwelveCommented:
Hi

Another options is SCOM and ACS. if you have SCOM in your domain is the best options, because you have reports to get information you need. Read security logs is not easy, but without SCOM is only option i know.

Take a look on this http://blogs.technet.com/b/fesiro/archive/2013/01/08/how-to-deploy-audit-collection-services-acs-in-scom-2012.aspx

Regards
0
 
uppercut7141Author Commented:
I'm trying to Click Start, point to Administrative Tools, and then Group Policy Management; however, there is no GROUP POLICY MANAGEMENT option when I attempt to do this on a Server 2008 R2 server.  Do I need to do something else for this option to appear?  

I just want to be able to track who modified changes on either NTFS or folder permission on a specific time.  When I attempted to go on the event log, everything is taken up...meaning all logs seem to be from today.  I can't view anything from 3 or 4 days ago which is where I'd like to begin the audit.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Cloud Class® Course: Microsoft Azure 2017

Azure has a changed a lot since it was originally introduce by adding new services and features. Do you know everything you need to about Azure? This course will teach you about the Azure App Service, monitoring and application insights, DevOps, and Team Services.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now