2
Is it possible to set an object audit policy on any version of Windows? I can do it on Enterprise, but wanted to know if it was possible on Home Premium (or any version of Windows without group policy). I want to log when files are successfully accessed, and what process accessed them.
I set the Audit policy to a folder, by the Audit tab, but I see no logs regarding file activity (under Security in Event Viewer). It seems like unless enabling Object Access in Group Policy, nothing gets logged. Yet, there's an Audit tab in versions not Professional (or higher)?
You can install
– DavidPostill – 2015-12-14T21:45:16.777gpedit.msc
on Windows Starter Edition, Home and Home Premium. See my answer to Windows 7 (Home Premium): eventvwr.exe: How to log workstation locking and unlocking and screensaver invoked and dismissed events for instructions.I never thought to ask "how do i use gpedit on non-pro versions" because it legitimately sounds stupid. Apparently you can. Thanks that looks very promising. – user287848 – 2015-12-14T21:53:47.947
Please post your comment as an answer, so I can mark it. I used the link you provided, and found the installer. I wanted to break it down, so I discovered all files were copied to C:\Windows\Temp (not sure why there). I copied everything to another folder, and could run it without the installer. So it seems gpedit works as long as all other needed files are in the same directory. – user287848 – 2015-12-14T22:10:05.207
Done. I'm happy it worked for you. – DavidPostill – 2015-12-14T23:10:14.527