asked on
Enable auditing on HR directory - Windows file server
Hey Experts. Need to enable auditing on a file server for a particular directory and all child directories/files. The permissions for the HR directory is locked down via NTFS permissions however the decision was made to log all access attempts (successful or unsuccessful). Having done this never and with this being a delicate topic at the office, I decided to ask how to implement this.
Server is Windows 2012 (we are migrating to a Windows 2022 server but the directory that HR sits under doesn't move until next week) and we are in an Active Directory domain. I enabled auditing and used "Everyone" as the principal with the policy applied to that folder and all subfolders/files.
Is there more to it then that? What do I look for in the event viewer to see if the directory was accessed (un/successful)? I appreciate your help and guidance.
ASKER
Thank you both for the advisement. Making the changes accordingly and will post back shortly.