Re: audit facility in Windows 2000
- From: "Steven L Umbach" <n9rou@xxxxxxxxxxxxxxxxxxxxxxxxxx>
- Date: Fri, 19 Jan 2007 16:50:48 -0600
It will report whatever activities you audit such as logon, process
tracking, privilege user, or object access. The built in administrator
account will be audited for those activities just as all other accounts are.
Keep in mind however that a skilled administrator can delete or alter
security logs and that auditing of process tracking and particularly object
access will generate tons of events in the security log and will require
that the security log be increased in size substantially from default.
Steve
http://support.microsoft.com/default.aspx?scid=kb;en-us;300549
"adrian" <adrian@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:8C9B43CB-1E07-4CBA-AA1D-199347E249C7@xxxxxxxxxxxxxxxx
Can the audit facility be configured to report activities performed under
the
system administrator account ?
--
Adrian
.
- Prev by Date: Re: Account Lockout
- Next by Date: Re: Unexplained Failed Logins
- Previous by thread: Re: Unexplained Failed Logins
- Next by thread: Re: IIS security question-please help
- Index(es):
Relevant Pages
|
|
