User auditing



User auditing

Hey pals
I am trying to enable user auditing on a Windows 2003 R2 server. I performed
these steps.

1. Sorted my users into OUs
2. Created a new GPO and linked it to selected OU
3. Edited the GPO and enabled auditing on object access and logon events to
log success and failures. Also enabled auditing from security options on
folder properties where data is stored to know who accessed the files, who
deleted them etc.
4. Closed all windows and run command: gpupdate /force
5. Tried to login and write wrong passwords and to create or delete some
files, but nothing relevant comes up on event viewer under security.

I believe I am missing something...any help is greatly appreciated!!

Meinolf Weber [MVP-DS]

Hello TEK,

See in and please do not
multipost, use crossposting with a newsreader like outlook express.

Best regards

Meinolf Weber
Disclaimer: This posting is provided "AS IS" with no warranties, and confers
no rights.
** Please do NOT email, only reply to Newsgroups
** HELP us help YOU!!!

Jorge de Almeida Pinto [MVP - DS]

auditing must be enabled on the DCs through for example the Default Domain
Controllers GPO

then on the OU, through the security TAB, configure auditing for AD related

for servers that require auditing at file system level the server hosting
those files/folders must have auditing enabled




# Jorge de Almeida Pinto # MVP Identity & Access - Directory Services #


Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question