Jordon
Tue Jun 17 14:59:00 PDT 2008
I configured the group policy on the domain controller under
Windows Settings/Security Settings/Local Policies/Audit Policy/
Audit object access (success and failure).
Then I navigated to a folder on the file server (different
computer, but part of the domain) and under Properties/
Security/Advanced/Auditing I created a new policy to audit
domain users for List Folder / Read Data, Create Folders /
Append Data, Delete and Delete sub Folders and Files.
When that didn't work I turned on object access auditing on
the file server under the local policy and that seemed to do
the trick.
Why wouldn't a domain policy work? And what would it be for?
--
Jordon
Meinolf Weber wrote:
> Hello Jordon
>
> Please describe what you have configured on which server, which policy
> and where the policy is linked to and on which machine you search for
> the event entries. Please in detail so that we can follow your thoughts.
>
> Best regards
>
> Meinolf Weber
> Disclaimer: This posting is provided "AS IS" with no warranties, and
> confers no rights.
> ** Please do NOT email, only reply to Newsgroups
> ** HELP us help YOU!!!
http://www.blakjak.demon.co.uk/mul_crss.htm
>
>> Server 2000 SP4 running AD.
>>
>> I have read many posts about how to log file and folder access, but it
>> doesn't seem to work. I've enabled auditing of object access in a
>> group policy on the domain controller. I've changed the properties of
>> the folder to be audited and added the groups to audit and what's to
>> be audited.
>>
>> Nothing shows up in the security event viewer when files are accessed,
>> changed, added or deleted.