Auditing Resource Access
Object access can be audited, although it is not one of the recommended settings. Auditing object access can place a significant load on the servers, so it should only be enabled when it is specifically needed. Auditing object access is a two-step process: Step one is enabling audit object access, and step two is selecting the objects to be audited. When enabling audit object access, you need to decide whether both failure and success events will be logged. The two options are as follows:
• Audit object access failure enables you to see if users are attempting to access objects to which they have no rights. This shows unauthorized attempts.
• Audit object access success enables you to see usage patterns. This shows misuse ...
Get Windows Server® 2012 Unleashed now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
