On configuring, all the available d

Configuring Domain Controllers for Exchange Auditing

Default Domain Controller Policy and Object level Auditing should be configured for accessing Mailbox Property Changes and Mailbox Permission Changes reports. Upon configuration, events related to mailbox permission and property changes will be recorded in the ′Security Log′ in ′Event Viewer′ . Based on these event details, the Permission and Property Change reports are generated.

• Configuring Domain Controller Policy.

• Configuring Object level Auditing.

Configuring Domain Controller Policy

• Log on using an administrative account.

• If Windows 2008, open Group Policy Management from Start → Administrative tools.

• If Windows 2003, select Default Domain Controller Security Settings from Start → Administrative tools.

• Navigate to ForestName → Domains → DomainName → Group Policy Objects → Default Domain Controller Policy and right click to Edit it.

 



 

• Navigate to Computer Configuration → Policies-> Windows Settings → Security Settings → Local Policies.

• Select Audit Policy.

• In the right pane, double click the following policy and enable "Success" and "Failure" settings.

  • Audit directory service access

• Click Ok.



• Expand Advanced Audit Policy Configuration.

• Select DS Access.

• In the right pane, double click the following policies and enable "Success" setting.

  • Audit directory Service Changes

• Click Ok.

• Select Account Management.

• In the right pane, double click the following policies and enable "Success" setting.

  • Audit Distribution Group Management

• Click Ok.

Configuring Object level Auditing

• Open Active Directory Users and Computers from Start → Administrative Tools.

• Select Advanced Features from View menu to view the advanced security settings.

 



 

• In the left pane, right click on the Domain and select "Properties".

• Under the Security tab, click "Advanced" to open the "Advanced Security Settings for Domain" window.

 



 

• Under the Auditing tab, click "Add" to add the security principal object to which the policy will be applied.

• Enter the object name as "Everyone" and click ok. This opens the "Auditing Entry for the domain"

 



 

• Specify the Apply Onto field as follows

• If Windows Server 2008, Select "Descendant User objects"

• If Windows Server 2003, Select "User Objects"

• Select "Successful" for the following Access

• Write All Properties

• Delete

• Modify Permissions

• All Extended Rights

• Click ok.

Configuring Domain Controllers for Exchange Auditing

Default Domain Controller Policy and Object level Auditing should be configured for accessing Mailbox Property Changes and Mailbox Permission Changes reports. Upon configuration, events related to mailbox permission and property changes will be recorded in the ′Security Log′ in ′Event Viewer′ . Based on these event details, the Permission and Property Change reports are generated.

• Configuring Domain Controller Policy.

• Configuring Object level Auditing.

Configuring Domain Controller Policy

• Log on using an administrative account.

• If Windows 2008, open Group Policy Management from Start → Administrative tools.

• If Windows 2003, select Default Domain Controller Security Settings from Start → Administrative tools.

• Navigate to ForestName → Domains → DomainName → Group Policy Objects → Default Domain Controller Policy and right click to Edit it.

 



 

• Navigate to Computer Configuration → Policies-> Windows Settings → Security Settings → Local Policies.

• Select Audit Policy.

• In the right pane, double click the following policy and enable "Success" and "Failure" settings.

  • Audit directory service access

• Click Ok.



• Expand Advanced Audit Policy Configuration.

• Select DS Access.

• In the right pane, double click the following policies and enable "Success" setting.

  • Audit directory Service Changes

• Click Ok.

• Select Account Management.

• In the right pane, double click the following policies and enable "Success" setting.

  • Audit Distribution Group Management

• Click Ok.

Configuring Object level Auditing

• Open Active Directory Users and Computers from Start → Administrative Tools.

• Select Advanced Features from View menu to view the advanced security settings.

 



 

• In the left pane, right click on the Domain and select "Properties".

• Under the Security tab, click "Advanced" to open the "Advanced Security Settings for Domain" window.

 



 

• Under the Auditing tab, click "Add" to add the security principal object to which the policy will be applied.

• Enter the object name as "Everyone" and click ok. This opens the "Auditing Entry for the domain"

 



 

• Specify the Apply Onto field as follows

• If Windows Server 2008, Select "Descendant User objects"

• If Windows Server 2003, Select "User Objects"

• Select "Successful" for the following Access

• Write All Properties

• Delete

• Modify Permissions

• All Extended Rights

• Click ok.

Configuring Domain Controllers for Exchange Auditing

Default Domain Controller Policy and Object level Auditing should be configured for accessing Mailbox Property Changes and Mailbox Permission Changes reports. Upon configuration, events related to mailbox permission and property changes will be recorded in the ′Security Log′ in ′Event Viewer′ . Based on these event details, the Permission and Property Change reports are generated.

• Configuring Domain Controller Policy.

• Configuring Object level Auditing.

Configuring Domain Controller Policy

• Log on using an administrative account.

• If Windows 2008, open Group Policy Management from Start → Administrative tools.

• If Windows 2003, select Default Domain Controller Security Settings from Start → Administrative tools.

• Navigate to ForestName → Domains → DomainName → Group Policy Objects → Default Domain Controller Policy and right click to Edit it.

 



 

• Navigate to Computer Configuration → Policies-> Windows Settings → Security Settings → Local Policies.

• Select Audit Policy.

• In the right pane, double click the following policy and enable "Success" and "Failure" settings.

  • Audit directory service access

• Click Ok.



• Expand Advanced Audit Policy Configuration.

• Select DS Access.

• In the right pane, double click the following policies and enable "Success" setting.

  • Audit directory Service Changes

• Click Ok.

• Select Account Management.

• In the right pane, double click the following policies and enable "Success" setting.

  • Audit Distribution Group Management

• Click Ok.

Configuring Object level Auditing

• Open Active Directory Users and Computers from Start → Administrative Tools.

• Select Advanced Features from View menu to view the advanced security settings.

 



 

• In the left pane, right click on the Domain and select "Properties".

• Under the Security tab, click "Advanced" to open the "Advanced Security Settings for Domain" window.

 



 

• Under the Auditing tab, click "Add" to add the security principal object to which the policy will be applied.

• Enter the object name as "Everyone" and click ok. This opens the "Auditing Entry for the domain"

 



 

• Specify the Apply Onto field as follows

• If Windows Server 2008, Select "Descendant User objects"

• If Windows Server 2003, Select "User Objects"

• Select "Successful" for the following Access

• Write All Properties

• Delete

• Modify Permissions

• All Extended Rights

• Click ok.

On configuring, all the available data from the event logs will be fetched.
If there is no data in the event logs, please wait for the desired audit event and event collection to happen.

On configuring, all the available data from the event logs will be fetched.
If there is no data in the event logs, please wait for the desired audit event and event collection to happen.