What is a File Server?

A file server is a central storage space from where data can be accessed by authorized users. Besides users, the files in the file server can also be accessed by other applications or systems, provided they have the necessary permissions to do so.

The server administrator determines which user(s) or group(s) can access, view, read, write, modify, create, or delete files. For real-time monitoring of file servers, comprehensive Active Directory monitoring solution like ADAudit Plus can be employed.

File servers connected to the internet are extremely beneficial to not only local users, but also remote users, as employees can work with files from a remote location. Additionally, collaborative work is made possible by the central server.

Types of file servers, their configuration and how to obtain ADAudit Plus file server tracking reports

The following table shows the list of file servers, types, examples and how to audit them using ADAudit Plus:

File Servers	Types	Examples	ADAudit Plus
Windows File Server (2003 and 2008 Servers)	Standalone servers(SMB shares)	eg., \\<Server name>\<share>	1. Log in to the ADAudit Plus console. 2. Select the File Audit tab. 3. Select Windows File Server report under Configured Server(s).
	Standalone Namespace	DFS Shares/DFS-R Shares eg., \\<Server name>\Namespace\share 1. To audit DFS root configure Namespace servers/To audit DFS shares configure target servers 2. Configure both or all Target Servers for DFS-R shares 3. Configure all cluster nodes for failover
	Domain based namespace (2003 and 2008 mode)	DFS Shares/DFS-R Shares eg., \\<Domain Name>\Namespace\share 1. To audit DFS root configure Namespace servers/To audit DFS shares configure target servers 2. Configure both or all Target Servers for DFS-R shares
Windows Fail over Cluster (Server 2008 mode)	SMB Shares	eg., \\<CluserCapName>\share	1. Log in to the ADAudit Plus console. 2. Select the File Audit tab. 3. Select Windows File Cluster report under Configured Server(s).
Windows Fail over Cluster (Server 2008 mode)	Standalone namespace	DFS Shares/DFS-R Shares \\<ClusterCapName>\<NameSpace>\<Shares> 1. To audit DFS root configure ClusterCap/To audit DFS Shares configure TargetClusterCap(s). 2. Configure both or all TargetClusterCap(s) for DFS-R Share(s).
Windows Server Cluster (Server 2003 mode)	SMB Shares	eg., \\<Node Name>\share or \\clusterNetworkName\share	1. Log in to the ADAudit Plus console. 2. Select the File Audit tab. 3. Select Windows File Server report under Configured Server(s).
Windows Server Cluster (Server 2003 mode)	Standalone Namespace	1. To audit DFS root configure NameSpace Server/To audit DFS Shares configure TargetServer(s). 2. Configure both or all TargetServer(s) for DFS-R Share(s). 3. Event log replication exists on cluster nodes. 4. There is no scope for clustered share, ie., using cluster node name user can access both normal SMB share and cluster share. 5. Need to configure all cluster Nodes for failover.
NetApp Filer Configuration	-	-	1. Log in to the ADAudit Plus console. 2. Select the File Audit tab. 3. Select NetApp Server report under Configured Server(s).
EMC Server Configuration	-	-	1. Log in to the ADAudit Plus console. 2. Select the File Audit tab. 3. Select EMC Server report under Configured Server(s).
EMC Isilon	-	-	1. Log in to the ADAudit Plus console. 2. Select the File Audit tab. 3. Select EMC Isilon report under Configured Server(s).
Synology NAS	-	-	1. Log in to the ADAudit Plus console. 2. Select the File Audit tab. 3. Select Synology NAS report under Configured Server(s).

Auditing file servers

File server auditing tells us who has access to what files, who accessed the files, the changes made to files, and so on. It generates reports, and also alerts the IT team of an organization in case of a security breach. It shows identifiable factors like IP address, domain controller name, username etc. to pinpoint the source of an event.

File server auditing is a way to test whether the IT security set up in the organization is in place.

File server auditing with ADAudit Plus

Get your fully functional 30-day free trial

ADAudit Plus file server monitoring and auditing capabilities provide real-time activity reports. Administrators can centrally audit, monitor and view pre-configured reports and schedule reports on file server.

To obtain File Server Reports,

Login to the ADAudit Plus web console.
Log in to the ADAudit Plus web console.
Click on File Audit tab → File audit reports.
Select the report of your choice, and see information about file and folder creations, modifications, permission changes, and more.

Have a glimpse of some of the ADAudit Plus reports by viewing the screenshots of (i) Files modified report, (ii) Folder owner changes report, and (iii) Files renamed report, below.

A comprehensive report in ADAudit Plus on who modified files in Active Directory

A comprehensive report in ADAudit Plus on changes made to folder ownership in Active Directory

A comprehensive report in ADAudit Plus on files renamed in Active Directory

In these reports, you can obtain information such as:

What file or folder was modified?
When was it modified?
Who modified it?
Where (what server and which location) was the file modified?

About ADAudit Plus

ADAudit Plus is a real-time Active Directory auditing tool, that offers 200+ reports and email alerts. It is a useful tool to understand employee behavior with regards to IT, and thwart insider and outsider attacks. It is also a valuable solution for companies that need to adhere to compliance mandates.

Managing file servers need not be complicated at all. Try ADAudit Plus for auditing all your files and folders

More related links

✕
Native auditing becoming a little too much?

Try ADAudit Plus login monitoring tool to audit, track, and respond to malicious login and logoff actions instantaneously.
Try ADAudit Plus for free