Configure Audit Object Access Policy

NOTE: Netwrix recommends you to avoid linking a GPO to the top level of the domain due to the potential impact. Instead, create a new organization unit for your file servers within your domain and assign GPO there. For detailed instructions on how to create a new OU, refer to the following Microsoft article: Create a New Organizational Unit.

  1. Open the Group Policy Management console on any domain controller in the target domain: navigate to Start Windows Administrative Tools (Windows Server 2016 and higher) or Administrative Tools (Windows 2012) Group Policy Management.

  2. In the left pane, navigate to Forest: <forest_name> Domains <domain_name>, right-click <OU_name> and select Create a GPO in this domain and Link it here.
  3. Enter the name for the new GPO.
  4. Right-click the newly created GPO and select Edit.

  5. In the Group Policy Management Editor dialog, expand the Computer Configuration node on the left and navigate to Policies Windows Settings Security Settings Local Policies Audit Policy.

    Policy Subnode Policy Name Audit Events

    Audit Policy

    Audit object access

    "Success" and "Failure"

  6. Navigate to Start Run and type "cmd". Input the gpupdate /force command and press Enter. The group policy will be updated.