Follow these steps to use Audit File Share:
-
Open Local Security Policy by clicking the Start button, typing secpol.msc into the search box, and then clicking secpol. If you're prompted for an administrator password or confirmation, type the password or provide confirmation.
-
In the left pane, expand the Advanced Audit Policy Configuration folder. Expand System Audit Policies - Local Group. Double-click on Object Access.
In the right pane double-click on Audit File Share.
- In the Audit File Share Properties window select the Configure the following events: check box. Then select the Success check box and the Failure check box to audit both successful and unsuccessful attempts to access a shared folder. Then click OK.
Source: http://technet.microsoft.com/en-us/library/dd772690%28WS.10%29.aspx
3 comments:
Nice blog post, I am pleased to read this post related to auditing share folder I found file access auditing(http://www.lepide.com/file-server-audit/)tool which helps to monitor unauthorized file server accessing in a specific date and time on windows server and know who accessed all files and folders from which location by whom.
A solution for monitoring user access to local and remote files and keeping detailed history of file operations: creating, moving, deleting, reading and writing to files. Flexible reporting capabilities, notifications, and a powerful filtering system. http://www.esystool.com/network-access-monitoring/
Thanks, it's very informative article related to track user activity. I found the good option from file access auditing solution which assists to track user activities. This tool allows me to audit access events on file/ folder and reporting of the entire File servers from a centralized location. It generates instant alerts on all the critical changes made in file servers.
Post a Comment