You can individually choose which types of activity you want to track, such as deleting or creating new files/folders, etc. Here is where you’ll select what you want to watch for this folder. This is the real meat of what we’ve been wanting to do. The box will automatically update with the name of the local users group for your computer in the form COMPUTERNAME\Users.Ĭlick OK and now you’ll get another dialog called “ Audit Entry for X“. In the box, type in the word “ users” and click Check Names. A dialog will appear asking you to select a User or Group. This is where we’ll actually configure what we want to monitor for this folder. Now click on the Advanced button and click on the Auditing tab. Click on the Security Tab and you see something similar to this:
In Explorer, right click on the folder and click Properties. Now navigate to the folder using Windows Explorer that you would like to monitor. You can close out of the Group Policy console now. Now the next step is to tell it what EXACTLY we want to track. Click OK and now we’re done the first part which is telling Windows that we want it to be ready to monitor changes. Now check the setting for Audit Object Access by double clicking on it and selecting both Success and Failure. Audit policy is what controls whether or not the operating system is configured and ready to track changes. Now you’ll see a set of policies and their current settings on the right hand side. I’m not going to explain much of the other settings here since this is primarily focused on auditing a folder. In our case we’re going to want our setting to be for all users, so we’ll expand the Computer Configuration section.Ĭontinue expanding to Windows Settings -> Security Settings -> Local Policies -> Audit Policy. As you might have guessed, the user policies control the settings for each user whereas the computer settings will be system wide settings and will effect all users. There are two main categories of policies: User and Computer.
0 kommentar(er)
