Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

User Accounts Audit - AD users

Posted on 2016-07-19
3
Medium Priority
?
60 Views
1 Endorsement
Last Modified: 2016-09-21
Hi all,

I am trying to develop a report to includes win2012R2 AD user accounts successful logins in and out times daily report - as well as Auditing shared folders access to know who did read , write , deleted any file or folder within a specific Shared drive.

I am sure some came across a similar requirement, looking forward hearing from you all.

Cheers
Dash
1
Comment
Question by:Dash Amr
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
3 Comments
 
LVL 25

Accepted Solution

by:
Mohammed Khawaja earned 1000 total points
ID: 41721548
What you are trying to do has been done and you can download utilities that could do that.  Have you looked at Netwrix tools where they have some paid as well as some freeware tools to do what you are trying to achieve.

My other suggestion would be turn on all the loggings and then use a tool such as Splunk where you feed Splunk the Windows logs and there are built-in apps/module for standard reports.  

If you wish to write your own then use PowerShell and note that you would have to consolidate many logs from numerous sources/servers which may not be the most optimum/easy way of doing it.
1
 
LVL 1

Assisted Solution

by:XcelogiX
XcelogiX earned 1000 total points
ID: 41722183
It takes a little bit of setting up, but you can configure Account Logon auditing in a GPO scoped to your Domain Controllers, then forward the Security logs from the DCs to a single server where you can review & export the logs later, as you desire.

The file server can be configured either locally or by GPO to audit File System Access, or use the Advanced Auditing feature to specify what it is you want to record. Don't forget once you do that, you also have to go into the Permissions settings for the folder you want to monitor and add Auditing entries.
1

Featured Post

Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Let's recap what we learned from yesterday's Skyport Systems webinar.
Microsoft Office 365 is a subscriptions based service which includes services like Exchange Online and Skype for business Online. These services integrate with Microsoft's online version of Active Directory called Azure Active Directory.
In a recent question (https://www.experts-exchange.com/questions/29004105/Run-AutoHotkey-script-directly-from-Notepad.html) here at Experts Exchange, a member asked how to run an AutoHotkey script (.AHK) directly from Notepad++ (aka NPP). This video…
Are you ready to implement Active Directory best practices without reading 300+ pages? You're in luck. In this webinar hosted by Skyport Systems, you gain insight into Microsoft's latest comprehensive guide, with tips on the best and easiest way…

722 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question