Configuring object level auditing - using Windows shares
To audit file and folder access, object-level auditing must be enabled. This can be achieved in three ways:
- Using Windows shares
- Using PowerShell cmdlets
- Using Global Object Access Auditing
Using Windows shares
- Right-click on the share folder that you want to audit, and select Properties.
- Click on the Security tab > Advanced, and then click on the Auditing tab. For the Everyone group, add the following entries:
| |
Principal |
Type |
Access |
Applies To |
| File/folder changes |
Everyone |
Success, Failure |
- Create files / Write data
- Create folders / Append data
- Write attributes
- Write extended attributes
- Delete subfolders and files
- Delete
|
This folder, subfolders, and files |
| Folder permission and owner changes |
Everyone |
Success, Failure |
- Take ownership
- Change permissions
|
This folder and subfolders |
Don't see what you're looking for?
-
Visit our community
Post your questions in the forum.
-
Request additional resources
Send us your requirements.
-
Need implementation assistance?
Try OnboardPro
