Re: Permissions and Auditing


"steve" <stevesemple@xxxxxxxxx> wrote in message
news:1181577317.227064.9700@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
I have a file that someone cant open becasue of some permission issue.
The file is an excel file.

I was wondering if I can use auditing to track down the problem. (I
have used effective permissions but it looks good to me.)

You can try but it isn't likely to tell you anything you don't already know.

You already know there is a permission (denied) problem so that is
pretty much what the auditing will say too.

I wondered if I could use the auditing to see what failures are
occuring when the user trys to open the file.

It might show that the file is being opened for FC, Write, etc when
all you need is READ, but other than that it is just going to show
what you already know: permission was denied.

(right click file/ click properties/click security /click advanced /
click auditing.)
I did this but Im not sure where to see the results or if the results

Event Viewer.

will tell me what I need. The file is on a share on a 2003 server but
the link to it is on an xp computer.

File or rather "Object Auditing" requires TWO different settings however;
you must set it on the FILE PROPERTIES as you describe but also must
enable the general Object Auditing in the Local Security of the Server
or through Group Policy.

1. Where will I see the results

Event viewer, Security Logs.

2. Will they be usefull to see what is causing a falure to open a
file.

Probably not. You seem to already know which file is the problem.


If you don't know WHICH program etc is attempting to open the file
there is a FileWatch program (free) at SysInternals.com which will
show both, along with the failures which might be more useful but usually
this is only needed for the most difficult permission issues.

You might want to just POST the output from the command line XCalcs.exe
or Calcs.exe if you already know which file is the problem.

Are you sure that it isn't due to having the file OPEN by two different
programs/processes? This is not really a "permission" (i.e., security)
problem.

If one program has the file open for "exclusive read" then no other
program can open it even for "read".



--
Herb Martin, MCSE, MVP
http://www.LearnQuick.Com
(phone on web site)


.

Relevant Pages

  • Re: Detail display for audit policy
    ... manipulating with security such as Scriptlogic's Security Explorer ... are talking about auditing I would suggest using Active Administrator ... If I want to audit the user permission. ... auditing through Group Policy, you can enable it in each server's Local ...
    (microsoft.public.windows.server.security)
  • Re: IIS - Access denied by ACL
    ... Have you turn on auditing ... >> permission to which file. ... >> files in your windowsroot folder and program files folder, ... >>> I've tried adding Everyone, IUSR, IWAN, creator, system, and myselv ...
    (microsoft.public.inetserver.iis.security)
  • Re: auditing active directory not working properly directory service access
    ... Check the other containers such as OUs, computer, user, domain controllers ... to see if any auditing is configured there also which you would also want to ... > After enabling auditing for permission changes on the root of the domain, ...
    (microsoft.public.windows.server.security)
  • Re: File Open/Close Auditing
    ... then I assume he got permission and I don't care how. ... you can create an audit ACE that triggers ... > when user foo opens the file for read, ... >> folders for auditing. ...
    (microsoft.public.platformsdk.security)
  • Re: Server Reports empty
    ... Security Exception ... To grant this application the required permission ... The server will start to collect new counter value from ... Microsoft CSS Online Newsgroup Support ...
    (microsoft.public.windows.server.sbs)