Options
auditing resorces question
dave m
Member Posts: 12 ■□□□□□□□□□
hi all
if you are planning to set up an audit policy to find out who has been trying to gain unauthorised access to shared files within an active directory based network, do you have to enable an audit policy for each computer in the OU individually, or can you set up the audit policy for the whole OU
hope this makes sense
dave
if you are planning to set up an audit policy to find out who has been trying to gain unauthorised access to shared files within an active directory based network, do you have to enable an audit policy for each computer in the OU individually, or can you set up the audit policy for the whole OU
hope this makes sense
dave
Comments
-
Optionsgarv221
Member Posts: 1,914
That depends on what your trying to do...If your auditing a group of computers then you would apply the group policy to the OU...
-
Optionsallylaurente
Member Posts: 131
You need to enable an audit policy on that OU if you suspects that of those users who gain unathoruized access to that shared folder is belongs to that OU. how about if not? so i think you need to enable an audit policy on that OU and auditing on each computer or auditing for the everyone group for that shared folder. Auditing causes events of specified event classes to be recorded in the security log in Event Viewer.
"...don't wait for miracles, be the miracle" - Bruce Almighty