Enable Object Access Audit Policy in windows 7
As everyone knows no security plan is foolproof. However possibilities of security breaches can be considerably reduced by proper and regular monitoring of your computer systems and/or entire network setup. Auditing plays an important role when dealing with security and monitoring. With the help of auditing you can keep a close eye on every event that takes place in your network infrastructure. Though there are several auditing policies that can be configured on a Windows 7 computer but when talking about objects and resources of a computer you need to enable Object Access audit policy to monitor a particular object. With by enable object access audit policy you can monitor which user or group tried to access the object. If you want to enable Object Access Audit Policy on your Windows 7 computer you need to follow the steps given below:
- Logon to your Windows 7 computer with the administrator account as the policies can only be configured with administrator privileges.
- Go to start menu and in the search box type gpedit.msc.
- On the opened snap-in under Computer Configuration expand Windows Settings and then expand Security Settings.
- From the expanded tree expand Local Policies and click on Audit Policy.
- From the right pane double click on Audit object access and from the opened Properties box check both Success and Failure checkboxes.
- Click on Ok button to accept your configuration and finally close Local Group Policy Editor snap-in.
- In order to make the configuration take effect you need to run gpupdate /force command in the Command Prompt.
Note:
Enabling object access from the group policies alone will not solve the purpose. In order to make object access policy fully functional you need to enable auditing on the object you want to monitor. Also you need to specify the user account or the group for which you want to apply the auditing on that particular object.