Automatic Configuration of Object Access Audit Policy and SACLs for File Servers

 

Configure audit required File Servers in ADAudit Plus.

  1. Login into ADAudit Plus.

  2. Click on 'File Audit' > 'Windows File Server'.

  3. Click on 'Add File Servers', select the Server that requires audit

    Next, when you click on Get Shares, you will view the file shares within the File Server.

  4. Select the file shares and click on 'OK' (The below alert will be displayed).

  1. Clicking on 'Yes' will enable one or all of the below if not configured already.

    1. Adds the selected Shares for auditing.

    2. Automatically enables the necessary audit permissions (SACLs) on selected shares.

    3. Object Access Policy will be enabled for the selected Server via a GPO.
      • ADAudit Plus automatically creates a Group Policy Object (GPO) that is linked to the Domain.
      • This is created with the name '<Domain name>_ADAuditPlusPolicy' where the desired 'Object Access Audit Policy' is configured.

      • This policy is applied on the selected Server(s).
  2. You can Skip the automatic configuration of points 2 and 3 by clicking on the button 'Skip 2,3' to manually configure the Audit Policy and SACLs.

Option 2 and 3 will automatically be configured for shares in the local Domain. However for remote Domains these settings need to be configured manually:

  1. Steps to manually Configure SACLs on selected shares
  2. Steps to manually configure Object Access Policy for the selected Server via a GPO.
Copyright © 2014, ZOHO Corp. All Rights Reserved.
ManageEngine