How to delegate file and folder auditing to external auditors or non-IT users.

Specific accounts can be created for people without administrative rights allowing external auditors or non-IT users to perform audits securely and autonomously.


Hi everyone, welcome to the FileAudit Tutorial. Let’s see here how to implement the FileAudit Delegation for non IT users. Non-IT executives or external auditors need to use and evaluate file access-related data. FileAudit offers all features by granting them access with appropriate rights so as not to consume valuable IT staff’s time.

Remote connection

Three quick steps are required. The first one consists of enabling the remote connection to FileAudit. Go to the “Settings” tile and open the “Service” section. Just switch on the remote connections. By default the Communication port that will be used is 2000. You can define here a different port if you want. As warned, any modification of these specific service options requires a FileAudit service restart. Now to validate the settings, go back to the FileAudit hub and close the FileAudit console. Then open the Windows services console and restart the FileAudit service.

Create authorized accounts

The second step is to create accounts that are authorized to access FileAudit and their specific privileges. Click on the “Permissions” section. Click the “Add a user” button and enter the desired name through the Microsoft account selector. Check the entered name. And once the user name is detected and validated, click “OK”. Next you’ll be able to choose what permissions you want to give to this specific user or group. There are 5 feature sets: “Audit” grants access to the File Access viewer, “Configure Audit” allows you to delegate the management of the Audited path. The next permits you to give access to the reports and alerts configuration. “Configure settings” concerns all FileAudit options except the permissions which is the subject of the last switch. If the goal is to delegate only the File access events display, just enable the first switch. You can of course create as many accounts as are needed. We have now set FileAudit for remote use and defined the accounts authorized to connect to it with their appropriate rights.

FileAudit console installation

The last thing to do is to install FileAudit for the user you want to give the audit access. Launch the installation package of FileAudit onto the desired workstation. Every installation step is the same as described for the FileAudit installation tutorial until the “Setup type” step. Switch to a Custom installation. In “Custom Setup”, remove the “Service” feature and click Next. Only the FileAudit console will be installed. Validate the installation to finish the process.

Remote connection

Once the console is installed and open, click on the “Connect” button. The Connect panel will open on the right-hand side. Activate the “Use a remote FileAudit service”, enter the name of the system hosting the target FileAudit service and specify the required port if previously personalized. Otherwise default to 2000. Click “Validate”. These settings will now be kept in memory for the next use. FileAudit is now ready for a remote use. The feature access will be those authorized for the Windows account running the FileAudit console. This is the best way to delegate the audit access to a user without restricting FileAudit features and protecting the administrative privilege on the file server.