auditing resorces question

dave mdave m Member Posts: 12 ■□□□□□□□□□
in Windows XP Professional
hi all
if you are planning to set up an audit policy to find out who has been trying to gain unauthorised access to shared files within an active directory based network, do you have to enable an audit policy for each computer in the OU individually, or can you set up the audit policy for the whole OU

hope this makes sense

dave
· Share on FacebookShare on Twitter

Comments

  • garv221garv221 Member Posts: 1,914
    That depends on what your trying to do...If your auditing a group of computers then you would apply the group policy to the OU...
    · Share on FacebookShare on Twitter
  • allylaurenteallylaurente Member Posts: 131
    You need to enable an audit policy on that OU if you suspects that of those users who gain unathoruized access to that shared folder is belongs to that OU. how about if not? so i think you need to enable an audit policy on that OU and auditing on each computer or auditing for the everyone group for that shared folder. Auditing causes events of specified event classes to be recorded in the security log in Event Viewer.

    :D:D:D
    "...don't wait for miracles, be the miracle" - Bruce Almighty
    · Share on FacebookShare on Twitter
  • dave mdave m Member Posts: 12 ■□□□□□□□□□
    thank you very much i have my head round it now
    · Share on FacebookShare on Twitter
Sign In or Register to comment.