Audit Access to Routing Link Objects
Applies To: Windows Server 2008
Use this procedure to audit access to routing link objects.
You can use this procedure to audit access to routing link objects. Use auditing to record which users attempt to access routing link objects, the type of operation attempted, and whether that access succeeded or failed.
Membership in <Domain Name>\Domain Admins, or equivalent, is the minimum required to complete this procedure.
To audit access to routing link objects
Click Start, point to All Programs, point to Administrative Tools, and then click Active Directory Sites and Services.
Highlight Active Directory Sites and Services, and on the View menu, click Show Services Node.
In the console tree, click MsmqServices.
- Active Directory Sites and Services/Services/MsmqServices
In the details pane, right-click the applicable routing link, and then click Properties.
On the Security page, click Advanced.
On the Auditing page of the Advanced Security Settings dialog box, click Add.
In the Select Users, Computers, or Groups dialog box, click Object Types, select the Group and/or Users check box as appropriate, clear the remaining check boxes, and click OK. In Enter the object name to select, type the name of a group or user whose access you want to audit or the names of several such groups or users separated by semicolons and click OK. Or, click Advanced to search for groups or users, enter the applicable parameters, click Find Now, select the group or user, click OK, and click OK again.
In the Auditing Entry dialog box, in Apply onto, select the applicable objects for which user access will be audited. Then, under Access, select the appropriate check boxes next to the applicable entries and click OK. Or, to clear all audit entries, click Clear All, and then click OK.
The information generated by an audit is stored in the security log. For information about how to use Event Viewer to view information in the security log, see the Windows online help.
This procedure can be used to audit access to any Message Queuing object under, and including, the MsmqServices object.
In addition to auditing access to computer and queue objects, you must also establish an audit policy for the local computer.