Re: Windows 2000 Auditing Object Access
- From: Ken <Ken@xxxxxxxxxxxxxxxxxxxxxxxxx>
- Date: Wed, 21 Sep 2005 04:55:02 -0700
One of the domain controllers is our File and Print server. It is on this
server that I would like to audit files.
I have since noticed/caused another issue while looking at the default
domain policy. Here is my problem.
Anyone happens to know why I am getting "Windows cannot
open template file" when I try to access Default Domain
Policy GPO >Computer Configuration>> Windows Settings>>
Security Settings.
In addition to that, several sub-categories under Security
Settings like Account Policies, Local Policies etc. have
vanished. As a result I can not modify domain-wide
security policies. Sure I can always create a new GPO and
link it with OU or root first priority, but I would rather
like to solve the issue before going for work-arounds.
"Todd J Heron" wrote:
> This statement from your original post looks like your problem.
>
> "I have enabled object access via the default domain controllers policy and
> have set auditing on a particular
> object in Active Directory however I never see anything in the security logs
> when I try to test by changing, deleting or modifying files."
>
> The default domain controllers policy applies to domain controllers. You'll
> need to configure a policy on an OU which contain the servers which you want
> to audit. You could, edit the Default Domain Policy for this, but I suggest
> you do it on an OU which contain your servers. Call it "Member Servers".
>
> --
> Todd J Heron, MCSE
> Windows Server 2003/2000/NT; CCA
> ----------------------------------------------------------------------------
> This posting is provided "as is" with no warranties and confers no rights
>
> "Ken" <Ken@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
> news:01B33A28-CE83-42EB-A235-B48A03336B88@xxxxxxxxxxxxxxxx
> Yes I have that document in hand. I am just trying to get this up an running
> I am trying to audit folders for success/failure and I am looking at the
> security log in event viewer. The folder has auditing set but when tested by
> deleting test folders and creating text files etc nothing shows up in event
> viewer.
>
> "Ian" wrote:
>
> > Ken wrote:
> > > Hopefully someone can guide me in the right direction. I am unable to
> > > get the
> > > Auditing of Object Access to work. I have enabled object access via the
> > > default domain controllers policy and have set auditing on a particular
> > > object in Active Directory however I never see anything in the security
> > > logs
> > > when I try to test by changing, deleting or modifying files. The object
> > > has
> > > been set to Audit everything however nothing is showing up in the logs.
> > > When
> > > I look at the local security logs is shows no effective permissions for
> > > the
> > > audit policy. Can anyone provide me any insight on this ?
> > >
> > > Thanks,
> > >
> > > Ken
> > Ken,
> >
> > A Step by step guide from ms:
> > http://support.microsoft.com/default.aspx?scid=kb;en-us;314955&sd=tech
> >
> > What are you auditing and what logs are you looking at?
> >
> > Ian
> >
>
>
.
- References:
- Re: Windows 2000 Auditing Object Access
- From: Ian
- Re: Windows 2000 Auditing Object Access
- From: Todd J Heron
- Re: Windows 2000 Auditing Object Access
- Prev by Date: srvany and MAPI ?
- Next by Date: Re: Re: Automatic logoff of users in W2K3?
- Previous by thread: Re: Windows 2000 Auditing Object Access
- Next by thread: Re: Windows 2000 Auditing Object Access
- Index(es):
Relevant Pages
|
