|
yes, you need to enable auditing on the volume and then audit the specific actions that you want to monitor.
let me toss win2k server into a virtual machine and get you some steps.
Ok, inside of the control panel, open administrative tools, then local security policy. Under local policies, open audit policy, double click audit object access, and check success and failure. This enables the auditing. Now we need to tell it what to audit.
browse to the folder you want to manage and right click, then select properties, then the security tab, then the advanced button, then the auditing tab, now add the users and the actions you want audited, Either a user or a group.
Now, open the management console (right click my computer then select manage) and select the event viewer then the security section, all events will be logged here.
__________________
Donate Blood!
"Love is not finding the perfect person, but learning to see an imperfect person perfectly." -Sam Keen
Last edited by Dilbert1234567; 04-04-2007 at 04:12 PM..
Reason: Automerged Doublepost
|