Support
 
Phone Get Quote
 
Support
 
US: +1 888 720 9500
US: +1 888 791 1189
Intl: +1 925 924 9500
Aus: +1 800 631 268
UK: 0800 028 6590
CN: +86 400 660 8680

Direct Inward Dialing: +1 408 916 9892

With Native AD Auditing

Naive Method

Step 1: Enable 'Audit object access' policy
  • Launch the Group Policy Management console (Run --> gpedit.msc)
  • Create a new GPO and link it to the domain containing the file server or edit the existing GPO that is linked to the relevant domain.
  • Navigate to Computer Configuration -> Windows Settings -> Security Settings ->Local Policies -> Audit Policy.
  • Under Audit Policy, select 'Audit object access' and turn auditing on for both success and failure.
Step 2: Edit auditing entry in the respective file/folder
  • Locate the file or folder for which you wish to track all the accesses. Right click on it and go to Properties. Under the Security tab click Advanced.
  • In Advanced Security Settings, go to the Auditin tab and click Add to add a new auditing entry.
In the Auditing Entry for Active Directory dialog box, enter the following details:
  • Principal: Enter the names of the users whose access you wish to audit.
  • Type: Select the type of access you want to audit. It is preferable to audit "All" changes.
  • Applies to: Select whether you want to audit permission changes only on this file, or on all sub folders and files.
  • Basic permissions: Choose the types of permissions you want to audit. For your specific need, click 'Advanced permissions', and select 'Traverse folder / execute file', 'List folder / read data', 'Create files /write data', 'Create folders / append data', 'Write attribute'.
View more  

With ADAudit Plus

Complete change monitoring on files/folders with ADAudit Plus:

ADAudit Plus offers reports that pull up changes made to your files/folders with complete details in a single click. These reports can be exported in any format such as CSV, PDF, XML etc. Real-time alerts can be sent to your e-mail or phone so that you can be notified when changes are made to a critical file or folder. Here is how you can access these reports:

Login to ADAudit Plus → Go to File Audit tab → Under File Audit Reports → navigate to All File/Folder Changes report. Select the time period for which you want to track the changes made and the domain that the file server belongs to.

The details you will find in this report are:
  • Name of the file/folder that was changed
  • Who made the changes
  • When the change was made
  • Location of the file/folder

You can select the type of changes you want to see by filtering them out form the graph shown above the report. For example, if you want to see the files that were deleted, simply pick them out from the graph, and all logs of deleted files will be displayed.

To categorize changes based on user or server, there are individual reports for each. They display the same details but they are curated based on the server or user you choose.

  image of  

x

ADAudit Plus Trusted By