![microsoft home use program office 2011 microsoft home use program office 2011](https://support.content.office.net/en-us/media/bc0fbc7a-cae8-4d09-98a5-a216d9ea1503.png)
Usually, we require auditing shared documents and business application data folders (accounting, warehouse databases and so on) – i.e., resources accessible for editing by multiple users. It is also required to designate what folders exactly are to be watched. Simply enabling policy option is not enough. Only enable Auditing on computers that keep required documents on their local hard drives.
#Microsoft home use program office 2011 windows#
This policy enables file, folder and Windows Registry access attempts that were ended in a success.Īctually, this is true, we are only interested in a successful file or folder deletion attempts. In a ComputerĬonfiguration node, open Windows Settings → Security Settings → Local Policies → Audit Policies folder:ĭouble-click Audit object access policy and select Success checkbox. In order to enable Auditing, log on to a computer that keeps shared folder structure with administrative permissions, click Start → Run and launch gpedit.msc MMC console.
![microsoft home use program office 2011 microsoft home use program office 2011](https://static.softwarekeep.com/catalog/product/2/0/2011hsintl.png)
Policy configuration interface, thus making it too hard to configure. Unfortunately, Windows Home versions lack Auditing The Auditing subsystem is built-in into all Microsoft Windows NT OSs: Windows XP/Vista/7, Windows Server 2000/2003/2008. Even more, since not all user activity is of interest for logging, Auditing policies enable us capturing only event types that we consider being important. The Auditing is not enabled by default because any monitoring you use consumes some part of system resources, so tracking down too much events may cause a considerable system slowdown. In Windows OSs, there is an Auditing subsystem built-in, that is capable of logging data about file and folder deletion, as well as user name and executable name that was used to perform an action. Or maybe that was some system failure that could happen again?