Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

User Accounts Audit - AD users

Posted on 2016-07-19
3
Medium Priority
?
61 Views
1 Endorsement
Last Modified: 2016-09-21
Hi all,

I am trying to develop a report to includes win2012R2 AD user accounts successful logins in and out times daily report - as well as Auditing shared folders access to know who did read , write , deleted any file or folder within a specific Shared drive.

I am sure some came across a similar requirement, looking forward hearing from you all.

Cheers
Dash
1
Comment
Question by:Dash Amr
3 Comments
 
LVL 25

Accepted Solution

by:
Mohammed Khawaja earned 1000 total points
ID: 41721548
What you are trying to do has been done and you can download utilities that could do that.  Have you looked at Netwrix tools where they have some paid as well as some freeware tools to do what you are trying to achieve.

My other suggestion would be turn on all the loggings and then use a tool such as Splunk where you feed Splunk the Windows logs and there are built-in apps/module for standard reports.  

If you wish to write your own then use PowerShell and note that you would have to consolidate many logs from numerous sources/servers which may not be the most optimum/easy way of doing it.
1
 
LVL 1

Assisted Solution

by:XcelogiX
XcelogiX earned 1000 total points
ID: 41722183
It takes a little bit of setting up, but you can configure Account Logon auditing in a GPO scoped to your Domain Controllers, then forward the Security logs from the DCs to a single server where you can review & export the logs later, as you desire.

The file server can be configured either locally or by GPO to audit File System Access, or use the Advanced Auditing feature to specify what it is you want to record. Don't forget once you do that, you also have to go into the Permissions settings for the folder you want to monitor and add Auditing entries.
1

Featured Post

Simplify Active Directory Administration

Administration of Active Directory does not have to be hard.  Too often what should be a simple task is made more difficult than it needs to be.The solution?  Hyena from SystemTools Software.  With ease-of-use as well as powerful importing and bulk updating capabilities.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Windows Server 2003 introduced persistent Volume Shadow Copies and made 2003 a must-do upgrade.  Since then, it's been a must-implement feature for all servers doing any kind of file sharing.
In this modest contribution, I want to share with the IT community (especially system administrators, IT Support Engineers and IT Help Desks) about Windows crashes/hangs and how to deal with these particular problems.
Video by: Mark
This lesson goes over how to construct ordered and unordered lists and how to create hyperlinks.
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.
Suggested Courses

972 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question