Hi, we have a few folders that we need to audit who's accessed it and most importantly who changes the folder name!.....Possible? This a Win2k server on a WinNT 4.0 Domain....
Absolutely it is possible. First you have to make sure Group Policy is for Auditing is turned on for your Domain.
To do this follow these instructions:
Go to the Domain Security Policy under Administrative Tools. Expand Local Policies, Expand Audit Policy and enable Audit Object Access.
Now for your folder, follow these steps.
You will have to turn this on for each folder, but yes you can do this.
Right-Click the Folder you want audited and then click properties. Go to the Security Tab and Click Advanced. Click the Auditing Tab.
Here you will have the opportunity to specify groups or users that you would like auditing regarding this folder.
I recommend adding the Domain User Group as everyone that logs on to your domain should be domain user, but know that you can specify individual user.
Once you have done this it will popup on the Successful and Failed selection of the audit, I recommend just selecting everything. Also look at the Apply Onto where you can select what you want this audit to audit. There you can select Folder.
When done you will be back to the Auditing Tab. You are now completed with setting up.
Once all these steps are completed you should be able to go to Event View and look under Security and see who accessed the folder.
This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
By continuing to use this site, you are consenting to our use of cookies.