Audit: Audit the use of Backup and Restore privilege

Computer Configuration\Windows Settings\Security Settings\Local Policies\Security Options


Determines whether to audit the use of all user privileges, including Backup and Restore, when the Audit privilege use policy is in effect. Enabling this option when the "Audit privilege use" policy is also enabled generates an audit event for every file that is backed up or restored.

If you enable this policy, and if the "Audit privilege use" policy is enabled and in effect, any instance of user rights being exercised is recorded in the security log.

If you disable this policy, when users use Backup or Restore privileges, those events are not audited, even when "Audit privilege use" is enabled.

Default: Disabled.

For more information, see:

Security Configuration Manager Tools

© 2017 Microsoft Corporation. All rights reserved. Contact Us |Terms of Use |Trademarks |Privacy & Cookies