Re: Audit Object Access Problem
From: Steven L Umbach (n9rou_at_nospam-comcast.net)
Date: 01/26/05
- Previous message: Steven L Umbach: "Re: Norton Permissions in Win2k"
- In reply to: JayJ: "Re: Audit Object Access Problem"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Tue, 25 Jan 2005 20:35:46 -0600
Jason.
I am at a loss as to why you are seeing that many events if auditing of
global objects is disabled and you are sure that no folders are enable for
auditing. For Windows 2000 computers make sure it shows as disabled for
"effective" setting in Local Security Policy. I could understand that a lot
of events would be reported on a domain controller or busy server but not a
workstation. --- Steve
"JayJ" <jmcinnes@mighty.co.za> wrote in message
news:1106664662.041032.49180@f14g2000cwb.googlegroups.com...
> Hi Steven
>
> Thanks for the reply.
>
> I'm seeing thousands of entries per minute, even though the option you
> describe is disabled (access of global system objects). Do you know
> what could be causing entries like
> \Device\{29633AC7-C9B6-407B-8FE3-D079B0304CA3} to be audited? 99% of
> the entries are these \Device\ ones.
>
> Thanks
>
> Jason
>
- Previous message: Steven L Umbach: "Re: Norton Permissions in Win2k"
- In reply to: JayJ: "Re: Audit Object Access Problem"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
