Derek
Hello,
I am trying to find a detailed document that describes each item in a system
access control list (SACL). These are the ACLs on an AD object. Here is a
clip from a Microsoft document that explains what I am looking for.
Thank you.
The Audit directory service access setting determines whether to audit the
event of a user accessing a Microsoft Active Directory object that has its
own system access control list (SACL) specified. A SACL is a list of users and
groups for which actions on an object are to be audited on a Microsoft
Windows 2000-based network. If you define this policy setting, you can
specify whether to audit successes, audit failures, or not audit the event
type at all. Success audits generate an audit entry when a user successfully
accesses an Active Directory object that has a SACL specified. Failure
audits generate an audit entry when a user unsuccessfully attempts to access
an Active Directory object that has a SACL specified. Enabling auditing of
directory service access and configuring SACLs on directory objects can
generate a large volume of entries in the security logs on domain
controllers; you should only enable these settings if you actually intend to
use the information created.
Note that you can set a SACL on an Active Directory object by using the
Security tab in that object's Properties dialog box. This is analogous to
Audit object access, except that it applies only to Active Directory objects
and not to file system and registry objects.
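
An added example, not part of the original post or of the Microsoft document it quotes: a small Python decoder that breaks each audit ACE of a SACL, given in SDDL form, into its fields (success/failure flags, inheritance, rights, object GUID, trustee). The sample string and its placeholder GUID are constructed, and the lookup tables are an assumption covering only the common codes.

```python
import re

# SDDL audit ACE layout: (type;flags;rights;object_guid;inherit_object_guid;trustee)
ACE_TYPES = {"AU": "SYSTEM_AUDIT", "OU": "SYSTEM_AUDIT_OBJECT"}
INHERIT = {"CI": "container inherit", "OI": "object inherit", "NP": "no propagate",
           "IO": "inherit only", "ID": "inherited"}
DS_RIGHTS = {"RC": "read control", "SD": "delete", "WD": "write DACL",
             "WO": "write owner", "RP": "read property", "WP": "write property",
             "CC": "create child", "DC": "delete child", "LC": "list children",
             "SW": "validated write", "LO": "list object", "DT": "delete tree",
             "CR": "control access", "GA": "generic all", "GR": "generic read",
             "GW": "generic write", "GX": "generic execute"}
TRUSTEES = {"WD": "Everyone", "AU": "Authenticated Users", "DA": "Domain Admins",
            "SY": "Local System", "BA": "Builtin Administrators"}

# Constructed sample, not taken from a real directory; the GUID is a placeholder.
SAMPLE = ("O:DAG:DAD:(A;;RPWP;;;DA)"
          "S:AI(AU;SAFA;WDWOSDDT;;;WD)"
          "(OU;CISA;WP;00000000-0000-0000-0000-000000000001;;WD)")

def _codes(field):
    """Split a run of two-letter SDDL codes; a hex access mask is kept whole."""
    if field.startswith("0x"):
        return [field]
    return [field[i:i + 2] for i in range(0, len(field), 2)]

def decode_sacl(sddl):
    """Return one dict per audit ACE in the S: (SACL) part of an SDDL string."""
    m = re.search(r"S:[A-Z]*((?:\([^)]*\))+)", sddl)
    if not m:
        return []  # no SACL: access to this object produces no audit entries
    aces = []
    for body in re.findall(r"\(([^)]*)\)", m.group(1)):
        typ, flags, rights, obj, inh_obj, trustee = (body.split(";") + [""] * 6)[:6]
        if typ not in ACE_TYPES:
            continue  # skip non-audit ACE types (e.g. mandatory labels)
        fl = _codes(flags)
        aces.append({
            "type": ACE_TYPES[typ],
            "success": "SA" in fl,   # entry logged when the access succeeds
            "failure": "FA" in fl,   # entry logged when the access attempt fails
            "inheritance": [INHERIT[c] for c in fl if c in INHERIT],
            "rights": [DS_RIGHTS.get(c, c) for c in _codes(rights)],
            "object_guid": obj or None,   # property, class or extended right
            "inherit_object_guid": inh_obj or None,
            "trustee": TRUSTEES.get(trustee, trustee),  # unknown alias or SID as-is
        })
    return aces
```

Note that the same two letters mean different things by position: `WD` in the rights field is "write DACL", while `WD` in the trustee field is Everyone.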