Big savings, Better ROI! Exclusive discounts on ManageEngine Products!* Boost your business *T&C apply
    Click here to shrink
    Click here to expand Click here to expand

    Configuring object level auditing - Using GPO

    To audit file and folder access, object-level auditing must be enabled. This can be achieved in three ways:

    • Using Windows shares
    • Using PowerShell cmdlets
    • Using Global Object Access Auditing

    Using Global Object Access Auditing

    • Log in to any computer that has the GPMC with Domain Admin credentials.
    • Open the GPMC and, based on your setup, right-click Default Domain Controllers Policy or ADAuditPlusMSPolicy or ADAuditPlusWSPolicy, and select Edit.


      To enable FIM on Right-click
      Domain controller Default Domain Controllers Policy GPO
      Windows server ADAuditPlusMSPolicy GPO
      Workstation ADAuditPlusWSPolicy GPO
    • In the Group Policy Management Editor, go to Computer Configuration > Policies > Windows Settings > Security Settings > Advanced Audit Policy Configuration > Global Object Access Auditing > File system > Define this policy setting > Configure. For the Everyone group, add the following entries:
    • Principal Type Access
      File/folder changes Everyone Success, Failure
      • Create files / Write data
      • Create folders / Append data
      • Write attributes
      • Write extended attributes
      • Delete subfolders and files
      • Delete
      Folder permission and owner changes Everyone Success, Failure
      • Take ownership
      • Change permissions

    Don't see what you're looking for?


      Visit our community

      Post your questions in the forum.


      Request additional resources

      Send us your requirements.


      Need implementation assistance?

      Try onboarding


    On this page

    Get download link