Configure Audit Object Access Policy

NOTE: Netwrix recommends you to avoid linking a GPO to the top level of the domain due to the potential impact. Instead, create a new organization unit for your file servers within your domain and assign GPO there. For detailed instructions on how to create a new OU, refer to the following Microsoft article: Create a New Organizational Unit.

  1. Open the Group Policy Management console on any domain controller in the target domain: navigate to Start Windows Administrative Tools (Windows Server 2016 and higher) or Administrative Tools (Windows 2012) Group Policy Management.

  2. In the left pane, navigate to Forest: <forest_name> Domains <domain_name>, right-click <OU_name> and select Create a GPO in this domain and Link it here.
  3. Enter the name for the new GPO.
  4. Right-click the newly created GPO and select Edit.

  5. In the Group Policy Management Editor dialog, expand the Computer Configuration node on the left and navigate to Policies Windows Settings Security Settings Local Policies Audit Policy.

    Policy Subnode Policy Name Audit Events

    Audit Policy

    Audit object access

    "Success" and "Failure"

  6. To update the group policies, execute the following command:

    • For EMC Unity:

      svc_cifssupport NAS Server Name -gpo -update

    • For EMC VNX:

      server_security server_2 -update -policy gpo

      NOTE: To update group policies for EMC VNX you must be logged in as the 'nasadmin' user.