PistonHeads
PistonHeads
Buy
Sell
Forum
Gassing Station » Computers, Gadgets & Stuff
PistonHeads » Gassing Station » The Pie & Piston » Computers, Gadgets & Stuff
2003 Server User Auditing
My ProfileMy PreferencesMy Mates
SearchMy Stuff
What's New3122472

2003 Server User Auditing

Reply
OP Posts Only
OP Posts Only
Reply
OP Posts Only
Author
Discussion

nekrum

Original Poster:

572 posts

278 months

[report]
[news]
Thursday 17th March 2005
quotequote all
Hello All

Does anyone know the best way to audit what files / folders delete by who did it and when.

Got phantom file deletions!....

Thanks

_DeeJay_

4,899 posts

255 months

[report]
[news]
Thursday 17th March 2005
quotequote all
restrospecively - it's going to be difficult.
You can setup auditing on the files for next time though (once you've restored from backup!)

nekrum

Original Poster:

572 posts

278 months

[report]
[news]
Thursday 17th March 2005
quotequote all
_DeeJay_ said:
restrospecively - it's going to be difficult.
You can setup auditing on the files for next time though (once you've restored from backup!)


What's the best method to do this?

_DeeJay_

4,899 posts

255 months

[report]
[news]
Thursday 17th March 2005
quotequote all
nekrum said:

_DeeJay_ said:
restrospecively - it's going to be difficult.
You can setup auditing on the files for next time though (once you've restored from backup!)



What's the best method to do this?


You can determine which files are audited using NTFS auditing.

Basically, you:

1) enable auditing (which is the done using policies)
2) Select which files/folders you want to audit and for what actions (right click on the folder, properties, security, auditing)

D
Reply
OP Posts Only
OP Posts Only
Reply
OP Posts Only

Gassing Station | Computers, Gadgets & Stuff | Top of Page | What's New | My Stuff