Windows 2003 audit file folder access

Confirm your selections, and click OK. Enable auditing at the object level Navigate Windows Explorer to the file you want to monitor. Select the Auditing tab. Click Add. Select the Principal you want to give audit permissions to.

Sign in. United States English. Ask a question. Quick access. Search related threads. Remove From My Forums. Answered by:. Archived Forums. Auditing file and folder access allows you to test your security policy and determine whether any users are trying to use the machine in an unauthorized manner. For example, fellow TechRepublic contributor and friend Troy Thompson teaches high school computing courses.

Since a classroom full of high school kids is about as hostile an environment as you're going to find, Troy audits each machine to detect any unauthorized use. Log on to the machine with a local administrative account and open the Control Panel.

After much work I finally got the security log to stop logging 14 logs about svchosts access ever minute. Now the security log waits until the XP computer connects to the shared folder and opens a file. I did this with one file, a small Word doc. I have read several Spiceworks support logs for file access audit. One user generates entries for on file opened? What about my production environment with 50 users and thousands of files?

Quote from Ron Schnieder in Jaws, "We are going to need a bigger boat! That is normal, unfortuante but normal. When a machine opens a file there may be several hooks into the file to handle different things. Each one of these is recorded in the audit log.