NOTE: Netwrix recommends you to avoid linking a GPO to the top level of the domain due to the potential impact. Instead, create a new organization unit for your file servers within your domain and assign GPO there. For detailed instructions on how to create a new OU, refer to the following Microsoft article: Create a New Organizational Unit.
Open the Group Policy Management console on any domain controller in the target domain: navigate to Start → Windows Administrative Tools (Windows Server 2016 and higher) or Administrative Tools (Windows 2012) → Group Policy Management.
- In the left pane, navigate to Forest: <forest_name> → Domains → <domain_name>, right-click <OU_name> and select Create a GPO in this domain and Link it here.
- Enter the name for the new GPO.
Right-click the newly created GPO and select Edit.
In the Group Policy Management Editor dialog, expand the Computer Configuration node on the left and navigate to Policies → Windows Settings → Security Settings → Local Policies → Audit Policy.
Policy Subnode Policy Name Audit Events
Audit object access
"Success" and "Failure"
Navigate to Start → Run and type "cmd". Input the
gpupdate /forcecommand and press Enter. The group policy will be updated.