How can I set an audit policy that affects all objects on a computer?
System administrators and auditors increasingly want to verify that auditing policy is applied to all objects on a system. This has been difficult to accomplish because the system access control lists (SACLs) that govern auditing are applied on a per-object basis. Thus, to verify that an audit policy has been applied to all objects, you would have to check every single object and that no changes have been made, even temporarily, to even a single SACL. In Windows Server 2008 R2 and Windows 7, administrators can define computer-wide global object access auditing policy for either the entire file system or registry on a computer. The specified SACL is then automatically applied to every single object of that type. This can be useful both for verifying that all critical files, folders, and registry settings on a computer are protected, and for identifying when an issue with a system resource occurs. If both a file or folder SACL and a global object access auditing policy (or a single regis