Solved

audit queries

Posted on 2014-03-31
5
77 Views
Last Modified: 2015-06-24
dear gurus advise

for windows 2008 domain controller type network, how best we can audit our own network and get recommendation

any step by step tips guideline given
0
Comment
Question by:tmsa12
  • 2
5 Comments
 
LVL 35

Accepted Solution

by:
Mahesh earned 500 total points
Comment Utility
Auditing is vast topic

generally auditing needs to be set in Default domain Controller Policy or separate policy that will apply to Domain Controllers OU
http://blog.pluralsight.com/windows-server-2008-auditing-active-directory
http://www.manageengine.com/products/active-directory-audit/help/getting-started/manual-configuration-dc-auditing.html

Also for file servers auditing you must put file server in separate OU \ OR use GPO security filtering to apply GPO only to file server computer object
In that GPO you must enable Audit object access for success and failures and then you need to set auditing on shared folders properties\security \advanced tab\auditing and there you need to add all respective users for which you wanted to audit access

Check below articles for more info
http://social.technet.microsoft.com/Forums/windowsserver/en-US/da689e43-d51d-4005-bc48-26d3c387e859/auditing-on-file-server?forum=winserverfiles
http://blogs.technet.com/b/mspfe/archive/2013/08/27/auditing-file-access-on-file-servers.aspx

Note that all auditing activities records logs in security event logs so ensure that you will ensure security event log size on servers

Mahesh.
0
 

Author Comment

by:tmsa12
Comment Utility
dear gurus highly appreciate

in fact only domain admin, users audit required, folder/file sharing not require

advise any free tools to audit windows 2008 r2 enviornment and can it apply or install on master domain controller dc

regards
saleem
0
 
LVL 35

Expert Comment

by:Mahesh
Comment Utility
Microsoft provides the above way to set auditing on your Domain controllers

When you set auditing polices in Default Domain Controller Policy, it will apply to Domain Controllers only

If you are looking for 3rd party tools, they are not free and you can check trial version of Ad Audit Plus from Manage engine, its really good tool and if you found OK, you can buy it

Mahesh
0
 
LVL 34

Expert Comment

by:Seth Simmons
Comment Utility
This question has been classified as abandoned and is closed as part of the Cleanup Program. See the recommendation for more details.
0

Featured Post

Get up to 2TB FREE CLOUD per backup license!

An exclusive Black Friday offer just for Expert Exchange audience! Buy any of our top-rated backup solutions & get up to 2TB free cloud per system! Perform local & cloud backup in the same step, and restore instantly—anytime, anywhere. Grab this deal now before it disappears!

Join & Write a Comment

Suggested Solutions

Possible fixes for Windows 7 and Windows Server 2008 updating problem. Solutions mentioned are from Microsoft themselves. I started a case with them from our Microsoft Silver Partner option to open a case and get direct support from Microsoft. If s…
Restoring deleted objects in Active Directory has been a standard feature in Active Directory for many years, yet some admins may not know what is available.
This tutorial will show how to push an installation of Backup Exec to an additional server in both 2012 and 2014 versions of the software. Click on the Backup Exec button in the upper left corner. From here, select Installation and Licensing, then I…
This tutorial will walk an individual through locating and launching the BEUtility application to properly change the service account username and\or password in situation where it may be necessary or where the password has been inadvertently change…

771 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

9 Experts available now in Live!

Get 1:1 Help Now