Solved

audit queries

Posted on 2014-03-31
5
84 Views
Last Modified: 2015-06-24
dear gurus advise

for windows 2008 domain controller type network, how best we can audit our own network and get recommendation

any step by step tips guideline given
0
Comment
Question by:tmsa12
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
5 Comments
 
LVL 37

Accepted Solution

by:
Mahesh earned 500 total points
ID: 39966760
Auditing is vast topic

generally auditing needs to be set in Default domain Controller Policy or separate policy that will apply to Domain Controllers OU
http://blog.pluralsight.com/windows-server-2008-auditing-active-directory
http://www.manageengine.com/products/active-directory-audit/help/getting-started/manual-configuration-dc-auditing.html

Also for file servers auditing you must put file server in separate OU \ OR use GPO security filtering to apply GPO only to file server computer object
In that GPO you must enable Audit object access for success and failures and then you need to set auditing on shared folders properties\security \advanced tab\auditing and there you need to add all respective users for which you wanted to audit access

Check below articles for more info
http://social.technet.microsoft.com/Forums/windowsserver/en-US/da689e43-d51d-4005-bc48-26d3c387e859/auditing-on-file-server?forum=winserverfiles
http://blogs.technet.com/b/mspfe/archive/2013/08/27/auditing-file-access-on-file-servers.aspx

Note that all auditing activities records logs in security event logs so ensure that you will ensure security event log size on servers

Mahesh.
0
 

Author Comment

by:tmsa12
ID: 39968664
dear gurus highly appreciate

in fact only domain admin, users audit required, folder/file sharing not require

advise any free tools to audit windows 2008 r2 enviornment and can it apply or install on master domain controller dc

regards
saleem
0
 
LVL 37

Expert Comment

by:Mahesh
ID: 39970353
Microsoft provides the above way to set auditing on your Domain controllers

When you set auditing polices in Default Domain Controller Policy, it will apply to Domain Controllers only

If you are looking for 3rd party tools, they are not free and you can check trial version of Ad Audit Plus from Manage engine, its really good tool and if you found OK, you can buy it

Mahesh
0
 
LVL 35

Expert Comment

by:Seth Simmons
ID: 40848207
This question has been classified as abandoned and is closed as part of the Cleanup Program. See the recommendation for more details.
0

Featured Post

Does Powershell have you tied up in knots?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

We recently had an issue where out of nowhere, end users started indicating that their logins to our terminal server were just showing a "blank screen." After checking the usual suspects -- profiles, shell=explorer.exe in the registry, userinit.exe,…
If you migrate a Terminal Server licenses server inside the 2008 server family, you can takte advantage of the build-in migration tool. If you like to migrate an older 2003 Server (and the installed client CALs) to a 2008 R2 server for example, you …
This tutorial will walk an individual through the steps necessary to install and configure the Windows Server Backup Utility. Directly connect an external storage device such as a USB drive, or CD\DVD burner: If the device is a USB drive, ensure i…
This tutorial will walk an individual through setting the global and backup job media overwrite and protection periods in Backup Exec 2012. Log onto the Backup Exec Central Administration Server. Examine the services. If all or most of them are stop…

732 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question