•  
  • Feature-specific Configuration
  • File integrity monitoring
  • Configure object-level auditing
  • Using Global Object Access Auditing settings
Click here to shrink
Click here to expand Click here to expand

Configuring object level auditing - Using GPO

To audit file and folder access, object-level auditing must be enabled. This can be achieved in three ways:

  • Using Windows shares
  • Using PowerShell cmdlets
  • Using Global Object Access Auditing

Using Global Object Access Auditing

  • Log in to any computer that has the GPMC with Domain Admin credentials.
  • Open the GPMC and, based on your setup, right-click Default Domain Controllers Policy or ADAuditPlusMSPolicy or ADAuditPlusWSPolicy, and select Edit.

    Note:

    To enable FIM on Right-click
    Domain controller Default Domain Controllers Policy GPO
    Windows server ADAuditPlusMSPolicy GPO
    Workstation ADAuditPlusWSPolicy GPO
  • In the Group Policy Management Editor, go to Computer Configuration > Policies > Windows Settings > Security Settings > Advanced Audit Policy Configuration > Global Object Access Auditing > File system > Define this policy setting > Configure. For the Everyone group, add the following entries:
    • Principal Type Access
    File/folder changes Everyone Success, Failure
    • Create files / Write data
    • Create folders / Append data
    • Write attributes
    • Write extended attributes
    • Delete subfolders and files
    • Delete
    Folder permission and owner changes Everyone Success, Failure
    • Take ownership
    • Change permissions

Don't see what you're looking for?

  •  

    Visit our community

    Post your questions in the forum.

     
  •  

    Request additional resources

    Send us your requirements.

     
  •  

    Need implementation assistance?

    Try OnboardPro

     

Copyright © 2025, ZOHO Corp. All Rights Reserved.

Get download link