Yes, that is possible, on a share-by-share basis even. You’ll have to enable the
audit VFS module for the share. This can be done from the Univention Management Console. Navigate to “Domain” → “Shares” and edit the corresponding share.
Next go to the “Samba” tab and there enter
full_audit in the “VFS objects” input. Save the share, wait a couple of seconds, and try accessing files. You should now find lines such as the following one in the
syslog log file of the server that offers the share:
Aug 15 11:26:04 kyushu smbd_audit: IP=10.199.92.47|USER=mbunkus|MACHINE=10_199_92_47|VOLUME=daten|pwrite|ok|software/ISOs/grml.iso