Re: Auditing

From: Rebecca Chen [MSFT] (v-rebc_at_online.microsoft.com)
Date: 12/30/04

• Next message: Pegasus \(MVP\): "Re: W2kSBS Repair Doesnt Work....? Files in System32/config/system ..."
• Previous message: George Hester: "Re: Setup Windows 2000 so that boot.ini is NOT on the root?"
• In reply to: lforbes: "Re: Auditing"
• Messages sorted by: [ date ] [ thread ]

Date: Thu, 30 Dec 2004 09:57:18 GMT

Hi

Yes, as other MVP has stated, Auditing and NTFS permission are individual
and will not affect each other.

Each object has a set of security information, or security descriptor,
attached to it. Part of the security descriptor specifies the groups or
users that can access an object, and the types of access (permissions)
granted to those groups or users. This part of the security descriptor is
known as a discretionary access control list (DACL)

In addition to containing permissions information, however, a security
descriptor for an object also contains auditing information. This auditing
information is known as a system access control list (SACL)

Please refer to the following article to get more details.

Audit settings on objects
http://www.microsoft.com/windows2000/en/advanced/help/default.asp?url=/windo
ws2000/en/advanced/help/sag_seconceptsunlocac.htm

Further questions, let us get in touch!

Best regards,

Rebecca Chen

MCSE2000 MCDBA CCNA

Microsoft Online Partner Support
Get Secure! - www.microsoft.com/security

=====================================================

When responding to posts, please "Reply to Group" via your newsreader so
that others may learn and benefit from your issue.

=====================================================
This posting is provided "AS IS" with no warranties, and confers no rights.

• Next message: Pegasus \(MVP\): "Re: W2kSBS Repair Doesnt Work....? Files in System32/config/system ..."
• Previous message: George Hester: "Re: Setup Windows 2000 so that boot.ini is NOT on the root?"
• In reply to: lforbes: "Re: Auditing"
• Messages sorted by: [ date ] [ thread ]

Relevant Pages Re: DC Policy: just want to audit files, not set security ... the particular directory to root the auditing ... different permissions within the area. ... >> I had never thought of using a SCE template File System ... >>> lot of events in the security log. ... (microsoft.public.windows.server.security) Re: System Security Audits ... Security's Auditing Tools and security templates. ... > By system security audits I mean things like checking if computer ... > permissions (not too high or to say if user has restrictive ... (Pen-Test) Re: Track a specific users share access activity? ... When you open the auditing tab in the Security dialog of the ... NTFS permissions in the properties of the storage area of ... just as if you were adding access permissions. ... Security) ... (microsoft.public.windows.server.security) Re: sql permissions and adp ... Somethings probably missing on the security with whatever ... being execute and include auditing the object and statement ... >test the application using the standard user permissions. ... >rights which obviously we do not want to do. ... (microsoft.public.sqlserver.security) RE: What server hardening are you doing these days? ... permissions on their data, and Microsoft encourages ISVs to minimize ... I've been able to discuss ACLs and other security issues in Windows with ... Control or DAC (which is what you're referring to by the "stupid ... (Focus-Microsoft)

• Windows
• Science
• Usenet

• Archive
• About
• Privacy
• Search
• Imprint