List of permissions on shared folders in Server 2012 and Auditing changes.

This is really two parts but I'll start with the ultimate goal.  
Client would like to know any time restricted folder permissions are changed to avoid unauthorized access to files.

Here's how it was presented to me.  the client asked me to get a list of all the shared folders on the server that have security permissions assigned to them and then set up some type of "auditing" (his words, not mine) or alerting of changes made to those folders.

I would prefer to stay away from PS scripts if I can because I'm not very familiar with PS yet and I'd have to ask someone to review the script before running it on a client server.

Is there an enumerator app that would work with server 2012?
Is this type of Auditing possible and or practical?

As always, Thanks for your guidance.
B19SupportAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

David Johnson, CD, MVPOwnerCommented:
 the client asked me to get a list of all the shared folders on the server that have security permissions assigned to them and then set up some type of "auditing" (his words, not mine) or alerting of changes made to those folders.

Everything on a NTFS volume has a security permission. Shares also have share permissions  
just change the auditing to record any security changes.  what you do with event id 4907 is up too you in your security event logs.
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Joseph DalyCommented:
It is an older looking program but I still haven't found one that works better for dumping permissions.

http://www.systemtools.com/cgi-bin/download.pl?DumpAcl

This will let you dump the permissions on shares/folders for your initial audit. Then as stated above you can enable the auditing to log events related to security changes.

I would also take a look at either increasing the size of the security log or possibly forwarding the logs to some kind of logging app like splunk,greylog, etc.
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Windows Server 2012

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.