Is this possible on a windows file server?

[Chiefcrowe]

Can you track who opened/modified a file last with something built in to the OS?

 

[imagoon]

With auditing yes. You need to enable it in a few places (server itself, on the files themselves etc.) It will then generate event logs with the information.

 

[Chiefcrowe]

Thanks, I thought so. Do you know of a good page that explains how to enable auditing? I have never really used it in server 2008 R2.

 

[imagoon]

Try this: The jist is that you enable the auditing then set the permissions you want to audit. From there you pour through the log to see what happened. I prefer powershell to do that since you can search easier (imo)

--edit--

link http://www.techotopia.com/index.php/Auditing_Windows_Server_2008_File_and_Folder_Access

 

[tomalter]

First, you need to enable file access auditing. Please checkout the give below link to audit access and modification for the object.


http://technet.microsoft.com/en-us/library/cc738931(v=ws.10).aspx


and you can take a look at this file access auditing ( https://www.netwrix.com/file_server_auditing.html ) tool which helps to track, audit, report and get instant alerts on all access to files and folders on Windows servers.