| Author |
Message |
Sensay
Guest
|
 Posted:
Wed Nov 23, 2005 9:16 am Post subject:
File monitoring |
|
|
Hello,
how are you doing ?
how can i make monitoring on the files on the server, i need to know who is
accessing the files at what time and who is making changes to them, can i get
a report of these information ? and how ?
thanks in advance
Sensay |
|
| Back to top |
|
 |
Wong Tuck Wah
Guest
|
| Posted:
Thu Nov 24, 2005 9:16 am Post subject:
RE: File monitoring |
|
|
You are asking for auditing.
To have auditing you need to perform the following...
1. enable auidting on the system (auditing is per system basis)
Programs -> Administrative Tools -> Local Security Settings -> Local
Policies -> Audit Policy -> Audit Object Access (success | failure)
2. launch Windows Explorer to access the folders or files you want to have
auditing
<folder|file> -> Properties -> Sceurity tab -> Advanced -> Auditing tab
Add the Everyone group in the SACL and group successful|failureure action
for the required access of interest.
If you need to enable auditing for many servers, it is more efficient to
create an OU, place all the servers into this OU and use GPO to enable the
require audit events and link the GPO to the OU.
3. You can then view the auidt results in the Event Viewer -> Security log
HTH. |
|
| Back to top |
|
|
Sensay
Guest
|
| Posted:
Thu Nov 24, 2005 11:30 pm Post subject:
RE: File monitoring |
|
|
Hi, thanks for ur reply
well the output is really unreadable, too many events, and too many codes.
the result is going to be read by the user him self. so this way is really
not going to work out with . is there any other way ?
i also have a second question: can i deny users from taking files from a
specified shared folder on the serve?, they can only view these files and
open them but not copy them and take them, can i deny such thing ?
thanks again
Sensay
"Wong Tuck Wah" wrote:
| Quote: | You are asking for auditing.
To have auditing you need to perform the following...
1. enable auidting on the system (auditing is per system basis)
Programs -> Administrative Tools -> Local Security Settings -> Local
Policies -> Audit Policy -> Audit Object Access (success | failure)
2. launch Windows Explorer to access the folders or files you want to have
auditing
folder|file> -> Properties -> Sceurity tab -> Advanced -> Auditing tab
Add the Everyone group in the SACL and group successful|failureure action
for the required access of interest.
If you need to enable auditing for many servers, it is more efficient to
create an OU, place all the servers into this OU and use GPO to enable the
require audit events and link the GPO to the OU.
3. You can then view the auidt results in the Event Viewer -> Security log
HTH.
|
|
|
| Back to top |
|
|
Wong Tuck Wah
Guest
|
| Posted:
Fri Nov 25, 2005 9:15 am Post subject:
RE: File monitoring |
|
|
| Quote: | well the output is really unreadable, too many events, and too many codes.
the result is going to be read by the user him self. so this way is really
not going to work out with . is there any other way ?
|
You need to get 3rd-party software to format them into more user-friendly
presentations.
| Quote: | i also have a second question: can i deny users from taking files from a
specified shared folder on the serve?, they can only view these files and
open them but not copy them and take them, can i deny such thing ?
|
This is always the question ask. Sad to say, native Windows OS doesn't have
such capability - once you can read, you can copy too.
You need some rights-management software or software copy-protection
technologies. (search web site for such products)
HTH. |
|
| Back to top |
|
|
|
|
|
|
FAQ
Memberlist
Register
Profile
Log in to check your private messages
Log in