Skip navigation
Menu
How-to
End-User Platforms>Windows 7/8

How can I check who last opened a file?

A. The only way I know of would be to enable auditing on the file and then examine the Security Event log for access.

In order to do this you will need the following:

  1. Enable auditing for files and folders via User Manager (Policies - Audit - Audit These Events - File and Object Access). In Windows 2000 use the Group Policy editor and edit the local policy or another GPO (Computer Configuration - Windows Settings - Security Settings - Local Policies - Audit Policy)
  2. Start Explorer
  3. Right click on the files/folders select Properties
  4. Select the Security tab
  5. Click the Advanced button
  6. Select the Audit tab
  7. Click Add
  8. Select 'Everyone'
  9. Click OK
  10. Select the actions to audit such as 'List folder/read data'
  11. Click OK
  12. Click OK to all dialogs
Hide comments

More information about text formats

Comments

  • Allowed HTML tags: <em> <strong> <blockquote> <br> <p>

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.
Publish
Recommended Reading
PowerShell screenshot shows Where-Object cmdlet
How to Use the PowerShell Where-Object Cmdlet
Aug 04, 2022
shield_icon_laptop.jpg
What To Do When Windows Defender Is Not Working
Mar 15, 2022
Computer Screen Showing Password Dialog Box
Microsoft Edge Downloads Updated for Azure AD Sign-In & Sync
Aug 22, 2019
mktg-wp-nolabel5
How to Approach the Windows 7 to 10 Migration
Aug 01, 2019