Big savings, Better ROI! Exclusive discounts on ManageEngine Products!* Boost your business *T&C apply
    Click here to shrink
    Click here to expand Click here to expand

    Configuring object level auditing - Using GPO

    To audit file and folder access, object-level auditing must be enabled. This can be achieved in three ways:

    • Using Windows shares
    • Using PowerShell cmdlets
    • Using Global Object Access Auditing

    Using Global Object Access Auditing

    • Log in to any computer that has the GPMC with Domain Admin credentials.
    • Open the GPMC and, based on your setup, right-click Default Domain Controllers Policy or ADAuditPlusMSPolicy or ADAuditPlusWSPolicy, and select Edit.

      Note:

      To enable FIM on Right-click
      Domain controller Default Domain Controllers Policy GPO
      Windows server ADAuditPlusMSPolicy GPO
      Workstation ADAuditPlusWSPolicy GPO
    • In the Group Policy Management Editor, go to Computer Configuration > Policies > Windows Settings > Security Settings > Advanced Audit Policy Configuration > Global Object Access Auditing > File system > Define this policy setting > Configure. For the Everyone group, add the following entries:
    • Principal Type Access
      File/folder changes Everyone Success, Failure
      • Create files / Write data
      • Create folders / Append data
      • Write attributes
      • Write extended attributes
      • Delete subfolders and files
      • Delete
      Folder permission and owner changes Everyone Success, Failure
      • Take ownership
      • Change permissions

    Don't see what you're looking for?

    •  

      Visit our community

      Post your questions in the forum.

       
    •  

      Request additional resources

      Send us your requirements.

       
    •  

      Need implementation assistance?

      Try onboarding

       

    On this page

    Get download link