Re: Windows 2000 Auditing Object Access
- From: "Todd J Heron" <todd_heron_no_spam@xxxxxxxxxxx>
- Date: Wed, 21 Sep 2005 22:37:24 -0400
This is known problem if you use Windows XP SP2 to edit GP and then view the
policy on a Win2000 DC.
There is a fix for Windows 2003 server and Windows XP pre-SP2, but you have
to call Microsoft. They will give you patch for free. One option is to
upgrade rest of Windows XP to SP2. You can download patch for Windows 2000
here. Note this patch will not work on Windows 2003.
http://www.microsoft.com/downloads/details.aspx?FamilyId=BA478B46-3AF7-4EAF-9CE6-E34EA2C74FAF
Also:
http://support.microsoft.com/default.aspx?kbid=842933
--
Todd J Heron, MCSE
Windows Server 2003/2000/NT; CCA
----------------------------------------------------------------------------
This posting is provided "as is" with no warranties and confers no rights
"Ken" <Ken@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:8444025E-8655-4CC3-BB30-CDB42F4DBA9A@xxxxxxxxxxxxxxxx
These polices are edited most always with XP2 admin machines and have been
doing so for a long while. The Security key is the only one so far coming up
with the message.
I do believe the policy was viewed by the 2000 domain controller and that
brought up the "strings to long error" but nothing was edited. We have not
run the fix on that error yet on the server, mainly because we do no editing
from the server.
Seems like I had no problems untill I tried to view where to go to enable
object access, since I am almost sure this was working a week ago.
Thanks for the continued Help. Let me know if I can provide any more infol
"Todd J Heron" wrote:
> Quick question, has someone edited these policies at one time with Windows
> XP (SP2) or Windows 2003 and you are now trying to access them from
> Windows
> 2000?
>
> --
> Todd J Heron, MCSE
> Windows Server 2003/2000/NT; CCA
> ----------------------------------------------------------------------------
> This posting is provided "as is" with no warranties and confers no rights
>
> "Ken" <Ken@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
> news:3BA73940-CD2C-4B35-849F-CDB47448ABAA@xxxxxxxxxxxxxxxx
> One of the domain controllers is our File and Print server. It is on this
> server that I would like to audit files.
>
> I have since noticed/caused another issue while looking at the default
> domain policy. Here is my problem.
>
> Anyone happens to know why I am getting "Windows cannot
> open template file" when I try to access Default Domain
> Policy GPO >Computer Configuration>> Windows Settings>>
> Security Settings.
>
>
> In addition to that, several sub-categories under Security
> Settings like Account Policies, Local Policies etc. have
> vanished. As a result I can not modify domain-wide
> security policies. Sure I can always create a new GPO and
> link it with OU or root first priority, but I would rather
> like to solve the issue before going for work-arounds.
>
> "Todd J Heron" wrote:
>
> > This statement from your original post looks like your problem.
> >
> > "I have enabled object access via the default domain controllers policy
> > and
> > have set auditing on a particular
> > object in Active Directory however I never see anything in the security
> > logs
> > when I try to test by changing, deleting or modifying files."
> >
> > The default domain controllers policy applies to domain controllers.
> > You'll
> > need to configure a policy on an OU which contain the servers which you
> > want
> > to audit. You could, edit the Default Domain Policy for this, but I
> > suggest
> > you do it on an OU which contain your servers. Call it "Member
> > Servers".
> >
> > --
> > Todd J Heron, MCSE
> > Windows Server 2003/2000/NT; CCA
> > ----------------------------------------------------------------------------
> > This posting is provided "as is" with no warranties and confers no
> > rights
> >
> > "Ken" <Ken@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
> > news:01B33A28-CE83-42EB-A235-B48A03336B88@xxxxxxxxxxxxxxxx
> > Yes I have that document in hand. I am just trying to get this up an
> > running
> > I am trying to audit folders for success/failure and I am looking at the
> > security log in event viewer. The folder has auditing set but when
> > tested
> > by
> > deleting test folders and creating text files etc nothing shows up in
> > event
> > viewer.
> >
> > "Ian" wrote:
> >
> > > Ken wrote:
> > > > Hopefully someone can guide me in the right direction. I am unable
> > > > to
> > > > get the
> > > > Auditing of Object Access to work. I have enabled object access via
> > > > the
> > > > default domain controllers policy and have set auditing on a
> > > > particular
> > > > object in Active Directory however I never see anything in the
> > > > security
> > > > logs
> > > > when I try to test by changing, deleting or modifying files. The
> > > > object
> > > > has
> > > > been set to Audit everything however nothing is showing up in the
> > > > logs.
> > > > When
> > > > I look at the local security logs is shows no effective permissions
> > > > for
> > > > the
> > > > audit policy. Can anyone provide me any insight on this ?
> > > >
> > > > Thanks,
> > > >
> > > > Ken
> > > Ken,
> > >
> > > A Step by step guide from ms:
> > > http://support.microsoft.com/default.aspx?scid=kb;en-us;314955&sd=tech
> > >
> > > What are you auditing and what logs are you looking at?
> > >
> > > Ian
> > >
> >
> >
>
>
.
- References:
- Re: Windows 2000 Auditing Object Access
- From: Ian
- Re: Windows 2000 Auditing Object Access
- From: Todd J Heron
- Re: Windows 2000 Auditing Object Access
- From: Ken
- Re: Windows 2000 Auditing Object Access
- Prev by Date: Re: Cannot install SP1 to HP proliant Domain Controller
- Next by Date: Re: BSOD - Stop 0x50 while Backup
- Previous by thread: Re: Windows 2000 Auditing Object Access
- Next by thread: Re: logon script question 2 (it wont work!)
- Index(es):
Relevant Pages
|
