Solved

File sharing event log in windows 2011 sbs

Posted on 2014-03-18
3
900 Views
Last Modified: 2014-04-02
Does Windows 2008 (or Windows sbs 2011) records a log of each file opened and accessed by the network users? We have a shared folder on the server and each user access it using their credentials, one employee was fired and we want to know which files he was using last, or did he deleted some other files….
Or, is there a way to see which files where modified between yesterday’s backup and today´s backup? We use windows backup.
0
Comment
Question by:marpanet
3 Comments
 
LVL 4

Accepted Solution

by:
michaelalphi earned 500 total points
ID: 39938912
No way before enabled windows auditing.
To enable windows auditing for object access, first activate audits of successful object access attempts and Failure access attempts via the local or domain security policy settings. Else, you will have no record when a file or folder was accessed.
Moreover, this application should work fine for what you were looking here. And further, you will be able to monitor all the critical changes and activities made by users.
0
 
LVL 22

Expert Comment

by:David Atkin
ID: 39939115
Check to see if you have shadow copies enabled.  If yuo do then right click on the share folder, click properties and then go to previous versions and pick a date.

Check that list of files and folders against the existing one.  Its crude but will allow you to recover obvious file deletions. Another option is to check your backups.

With regards to logging the access. As per michaelalphi's comment.  Windows Auditing will need to be enabled.
0
 
LVL 2

Author Closing Comment

by:marpanet
ID: 39973802
Windows auditing was not turned on, I managed to turn it on and now monitor critical changes....

Also we are trying to buy the application, just not enough Budget for that.

Thank you both for the information:

About the backup, didn´t work even dough shadow copies are turned on.
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Possible fixes for Windows 7 and Windows Server 2008 updating problem. Solutions mentioned are from Microsoft themselves. I started a case with them from our Microsoft Silver Partner option to open a case and get direct support from Microsoft. If s…
A procedure for exporting installed hotfix details of remote computers using powershell
This tutorial will give a short introduction and overview of Backup Exec 2012 and how to navigate and perform basic functions. Click on the Backup Exec button in the upper left corner. From here, are global settings for the application such as conne…
This Micro Tutorial hows how you can integrate  Mac OSX to a Windows Active Directory Domain. Apple has made it easy to allow users to bind their macs to a windows domain with relative ease. The following video show how to bind OSX Mavericks to …

911 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

15 Experts available now in Live!

Get 1:1 Help Now