Previous Page | Next Page

  1. Introduction
  2. Installation
  3. Hardware Issues
  4. Filesystems
  5. Networking
  6. Security
  7. Servers
  8. Services
  9. Utilities
  10. Control Panel
  11. Printing
  12. Performance Monitor
  13. Network Monitor
  14. Event Viewer
  15. Other Issues
  16. User Accounts
  17. Groups
  18. Policies
  19. User Rights
  20. Auditing
  21. System Policies
  22. Sharing
  23. Profiles
  24. Roaming Profiles
  25. Domains
  26. Server Management
  27. Directory Replication
  28. License Management
  29. Client Administrator
  30. Netware Tools
  31. Macintosh Support
  32. RAS Server
  33. SNMP
  34. DHCP
  35. DNS
  36. WINS
  37. Mail Service
  38. Internet
  39. Internet Information Server
  40. Routing and Firewalls
  41. Items to Remember
  42. Terms
  43. Credits

Windows NT Server Auditing

Audit Policy

These policies are set using the "User Manager". Success or failure of the following events may be logged:

  • Logon and logoff
  • Object and file access
  • Changes to security policies
  • Use of user rights
  • Group and user management
  • System shutdown and restart
  • Starting applications (process tracking)

To perform directory service database auditing requires auditing of "User and Group Management".

File Auditing

The "User Manager for Domains" administrative tool is used to enable system wide file auditing. The file system to be autided must be on an NTFS file system. There is not an auditing service for performing system auditing. Under the menu item, policies, audit, the below events may be selected. Failure and success of the following file events may be audited:

  • Read
  • Write
  • Execute
  • Delete
  • Change Permissions
  • Take Ownership

After file and object auditing is enabled, auditing must be set up in the individual share folders for:

  • Users and groups whose actions are to be audited.
  • The actions listed above that you want audited.

Viewing the Audit Log

Use the administrative tool, "Event Viewer" to view the logs. Select the menu item "Log" and "Security".