Programming4us
         
 
 
Windows Server

Windwos Server 2008 : Recovering from a Server or System Failure (part 2) - Enabling Auditing for NTFS Folders

12/4/2010 3:40:33 PM
Enabling Auditing for NTFS Folders

Enabling auditing on an NTFS folder can be a helpful aid in troubleshooting access to server folders. Enabling auditing for NTFS folders is a two-part configuration involving either Group Policy or local computer policy audit settings, as well as configuring auditing on the folder itself. To enable auditing for a folder on a Windows Server 2008 R2 system, perform the following steps:

1.
Log on to the Windows Server 2008 R2 system with an account with administrator privileges.

2.
Click Start, click All Programs, click Administrative Tools, and select Local Security Policy.

3.
In the tree pane, double-click on Local Policies, and double-click on Audit Policy.

4.
In the tasks pane, double-click on Audit Object Access.

5.
When the Audit Object Access Properties window opens, check the Failure check box, and click OK, as shown in Figure 1.

Figure 1. Enabling failure audit for object access.


6.
Close the Local Security Policy window.

7.
Click Start and click on Computer.

8.
Browse to the drive and folder on which you will enable auditing; for this example, use the c:\HumanResources folder.

9.
Right-click the folder and select Properties.

10.
Select the Security tab and click the Advanced button near the bottom of the window.

11.
Select the Auditing tab and click the Edit button to enable audit changes.

12.
In this particular example, we want to log failed attempts to access the folder, so we will use the Everyone group and enable all failure audits. Click the Add button in the Advanced Security Settings window for the HumanResources folder.

13.
When the Select User, Computer, Service Account, or Group window opens, type in Everyone and click OK.

14.
In the Auditing Entry window for everyone, check the Failed check box next to Full Control, check the box at the bottom of the window to apply the Audit policy to all objects contained within the HumanResources folder, and click OK, as shown in Figure 2.

Figure 2. Configuring an audit entry for the HumanResources NTFS folder.


15.
In the Advanced Security Settings window, check the Replace All Existing Inheritable Auditing Entries check box, and click OK.

16.
Click OK again to close the Advanced Security Settings window, and then click OK one more time to close the property pages of the HumanResources folder.

When a user attempts to access the HumanResources folder and fails based on permissions, a failed audit entry will be logged on the server in the Security event log.
Other -----------------
- Windows Server 2008 Server Core : Working with the Remote Desktop Connection Application (part 2)
- Windows Server 2008 Server Core : Working with the Remote Desktop Connection Application (part 1)
- Windows Server 2008 Server Core : Understanding Internal and External Commands
- Windows Server 2008 : Working with NAP (part 8) - 802.1x Enforcement
- Windows Server 2008 : Working with NAP (part 7)
- Windows Server 2008 : Working with NAP (part 6)
- Windows Server 2008 : Working with NAP (part 5)
- Windows Server 2008 : Working with NAP (part 4) - Communication Process with VPN Client and NAP
- Windows Server 2008 : Working with NAP (part 3) - DHCP Enforcement
- Windows Server 2008 : Working with NAP (part 2)
- Windows Server 2008 : Working with NAP (part 1)
- Windows Server 2008 : Configuring Remote Access (part 6)
- Windows Server 2008 : Configuring Remote Access (part 5) - Virtual Private Networks
- Windows Server 2008 : Configuring Remote Access (part 4)
- Windows Server 2008 : Configuring Remote Access (part 3)
- Windows Server 2008 : Configuring Remote Access (part 2) - Network Policy Server and Network Access Protection
- Windows Server 2008 : Configuring Remote Access (part 1) - Routing and Remote Access Services
- Windows Server 2008 : Configuring Wireless Access
- Windows Server 2008: Configuring Routing
- Windows Firewall with Advanced Security in Windows Server 2008 (part 3)
 
 
REVIEW
- First look: Apple Watch

- 10 Amazing Tools You Should Be Using with Dropbox
VIDEO TUTORIAL
- How to create your first Swimlane Diagram or Cross-Functional Flowchart Diagram by using Microsoft Visio 2010 (Part 1)

- How to create your first Swimlane Diagram or Cross-Functional Flowchart Diagram by using Microsoft Visio 2010 (Part 2)

- How to create your first Swimlane Diagram or Cross-Functional Flowchart Diagram by using Microsoft Visio 2010 (Part 3)
Popular tags
Microsoft Access Microsoft Excel Microsoft OneNote Microsoft PowerPoint Microsoft Project Microsoft Visio Microsoft Word Active Directory Biztalk Exchange Server Microsoft LynC Server Microsoft Dynamic Sharepoint Sql Server Windows Server 2008 Windows Server 2012 Windows 7 Windows 8 Adobe Indesign Adobe Flash Professional Dreamweaver Adobe Illustrator Adobe After Effects Adobe Photoshop Adobe Fireworks Adobe Flash Catalyst Corel Painter X CorelDRAW X5 CorelDraw 10 QuarkXPress 8 windows Phone 7 windows Phone 8 BlackBerry Android Ipad Iphone iOS
Most View
- Exchange 2007: How Do I Modify a Database Size Limit?
- Windows 7 : Enhancing Your Browsing Security (part 1) - Blocking Pop-Up Windows
- Enable the Global Audit Policy by Using the Command Line
- Windows Phone 7 : Updating Your Phone Software
- SOA with .NET and Windows Azure : WCF Discovery (part 1) - Discovery Modes
- Microsoft ASP.NET 3.5 : WCF Services for ASP.NET AJAX Applications
- Securing Windows 7 : Thwarting Snoops and Crackers (part 2) - Locking Your Computer Manually, Automatically
- Windows 7 : Accessing a Shared Printer
- SQL Server 2008 : Data Encryption - SQL Server Key Management
- Windows 7 : Firing Up the Registry Editor