Re: Auditing A Folder

From: Richard Giagnacovo <RickGiagnacovo@xxxxxxxxxxx>
Date: Tue, 24 Jul 2007 20:45:29 +0100

If you enable auditing on certain files and folders, this information should be shown in the Security event log, but you must enable auditing on objects first on the actual machine.

Either by Group Policy or Local Computer Policy, go to 'Computer Configuration', 'Windows Settings', 'Security Settings', 'Local Policies', 'Audit Policy', and modify the 'object access' setting.

More information can be found at http://support.microsoft.com/kb/301640. Hope this helps.

Richard Giagnacovo

Darrell.Wright@xxxxxxx wrote:

Is there a way to tell who or what accessed a particular folder or
file on my computer? The Security Event Log doesn't seem to contain
this information.

Thanks.

References:
- Auditing A Folder
  - From: Darrell . Wright

Prev by Date: Re: Multiple Computer Names / Domains
Next by Date: Re: how to disable control panel
Previous by thread: Auditing A Folder
Next by thread: Delete a message
Index(es):
- Date
- Thread

Relevant Pages

Re: Auditing / Event Log Entries...
... expecting that to show up as an entry in the security event log. ... Nothing shows up in the event log even though it is enabled. ... Enable auditing on the security tab of choice ... Watch the audit logs flow. ...
(microsoft.public.win2000.security)
Re: SBS "Newbie" question - viewing logins
... Update to my situation - regarding the Security Event Log: ... Settings" look okay, but the "Effective Settings" are still set to "No ...
(microsoft.public.windows.server.sbs)
Re: Auditing
... Richard ... > When you enable auditing, where would the log of the activity be that you ... Prev by Date: ...
(microsoft.public.windows.group_policy)
Re: VPN & Windows authentication
... find out what is going on with the login itself from the details provided in ... the security event log. ... so the web server machine can store its authentication attempts ...
(microsoft.public.dotnet.framework.aspnet.security)