Re: Audit - Summary of the folders and files
- From: "Roger Abell [MVP]" <mvpNoSpam@xxxxxxx>
- Date: Tue, 7 Nov 2006 07:12:51 -0700
Basically you need to run a process (your script, third-party tool, etc.)
over all of the storage and examine the NTFS Audit SACL.
My own approach would be to integrate the server by setting it to
the defined standards in use. That is, after becoming familiar with the
storage structure, there would be a statement of how it should be set
for share level and NTFS level permissions, and of whether any of
the areas in the store should be auditied and for what kind of access.
The storage would then be brought under known NTFS (and share level)
control. The shorter form of this, addressing your issue, would be to
go into the NTFS settings at the root and clear the Auditing and have
that auditing setting propagate to all substructure (be careful here so
that you do not also propagate the non-audit, normal grants).
"alex514" <alex514@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:F233424F-8502-4A4E-AF7F-0D977F756AEF@xxxxxxxxxxxxxxxx
We acquired a server from another depertament that has some files and
folders
audited.
We want to know how to retrieve the list of the files and folders audited
as
we have no document that specify where they are.
Looking file by file is NOT a solution as we have hundred of folders and
thousand of files where auditing have been applied.
Did not find any trace in registry.
Any idea?
Thanks
.
- Prev by Date: Re: domain admin account impersontating
- Next by Date: Setting COM Security at the parent levels
- Previous by thread: GPO for trusted root CA certs
- Next by thread: Setting COM Security at the parent levels
- Index(es):
Relevant Pages
|
|
