E
egedra
Is there a way to log everything a single user does on a
2000 domain??? Any utilities??? Any help is MUCH
appreciated
2000 domain??? Any utilities??? Any help is MUCH
appreciated
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an alternative browser.
You should upgrade or use an alternative browser.
H
Harry Paratestes
Is this ethical practice at your workplace? If so, put in a security
camera, key logger, screen capture and lie detector --- the works!
Or are YOU the single luser getting audited?????
camera, key logger, screen capture and lie detector --- the works!
Or are YOU the single luser getting audited?????
E
egedra
I am not looking to log actions to the extreme of a key
logger, just any actions that the user is performing that
may cause a system malfunction. The user is another
administrator that has problems with our management, and I
am looking to cover my butt by logging the actions of the
three people with domain admin rights. Any help would be
appreciated. Thank you
logger, just any actions that the user is performing that
may cause a system malfunction. The user is another
administrator that has problems with our management, and I
am looking to cover my butt by logging the actions of the
three people with domain admin rights. Any help would be
appreciated. Thank you
H
Harry Paratestes
If you haven't done so, enable audit logging on your domain. Have your
security logs written to a folder where only your network security folks can
review (not modify) the logs. Permissions need to be set so that admins
cannot modify/delete/overwrite logs. Filter logs for specific user account
you're trying to monitor.
Here some reading that might help get you started(?):
http://www.microsoft.com/technet/security/topics/hardsys/TCG/TCGCH03.asp
http://support.microsoft.com/defaul...port/kb/articles/q300/9/58.asp&NoWebContent=1
http://support.microsoft.com/default.aspx?scid=kb;en-us;315417&sd=tech
http://techrepublic.com.com/5100-6270-5034634.html
http://techrepublic.com.com/i/tr/cms/contentPics/r00320030226pos01_04.gif
security logs written to a folder where only your network security folks can
review (not modify) the logs. Permissions need to be set so that admins
cannot modify/delete/overwrite logs. Filter logs for specific user account
you're trying to monitor.
Here some reading that might help get you started(?):
http://www.microsoft.com/technet/security/topics/hardsys/TCG/TCGCH03.asp
http://support.microsoft.com/defaul...port/kb/articles/q300/9/58.asp&NoWebContent=1
http://support.microsoft.com/default.aspx?scid=kb;en-us;315417&sd=tech
http://techrepublic.com.com/5100-6270-5034634.html
http://techrepublic.com.com/i/tr/cms/contentPics/r00320030226pos01_04.gif