Re: File Audit
- From: "Herb Martin" <news@xxxxxxxxxxxxxx>
- Date: Fri, 6 Jul 2007 18:40:39 -0500
"snakesboy" <snakesboys@xxxxxxxxx> wrote in message
news:1183716064.137043.208140@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
I have set the file audit modify and delete and which event ID
represent a user have modified or
have deleted the file .I hope to kbow which user have modified and
delete of the special fle
You have to also enable File (i.e., OBJECT Auditing) in the Local
Security Policies or through a GPO.
Auditing of files and other objects requires TWO types of settings:
1) ACLs on the Files (like permissions but for auditing)
2) General enabling of the auditing
Both are required.
--
Herb Martin, MCSE, MVP
http://www.LearnQuick.Com
(phone on web site)
.
- References:
- File Audit
- From: snakesboy
- File Audit
- Prev by Date: Re: Adding New Disks
- Next by Date: Raid 5 repair in Windows Server 2003
- Previous by thread: File Audit
- Next by thread: 2K3 shares going offline 3 or 4 times a day ...
- Index(es):
Relevant Pages
|
