R
Rembrandt
Is there a way to determine who has accessed the
shared drive ( C$ )on any given network machine?
TIA
shared drive ( C$ )on any given network machine?
TIA
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an alternative browser.
You should upgrade or use an alternative browser.
H
Herb Martin
Rembrandt said:Is there a way to determine who has accessed the
shared drive ( C$ )on any given network machine?
Only Administrators have access to the C$ (etc.)
shares.
R
rembrandt
can you determine which adminstrator accessed it or
if any administrator accessed it at all?
TIA
if any administrator accessed it at all?
TIA
Herb Martin said:Rembrandt said:Is there a way to determine who has accessed the
shared drive ( C$ )on any given network machine?
Only Administrators have access to the C$ (etc.)
shares.
--
Herb Martin, MCSE, MVP
Accelerated MCSE
http://www.LearnQuick.Com
[phone number on web site]
H
Herb Martin
With Auditing.
A share is technically an auditable object, but there
are no built-in tools for setting this on shares -- so
you might do better with auditing on the files and
directories (NTFS objects) on the share.
You can take a look a SetACL.exe (free) from
SourceForge.net -- IIRC, SetACL can set share
auditing. (But source is available so someone
could modify it if not.)
You will be able to distinguish which admin, if
your admins use their own accounts and you set
up auditing on the objects of interest.
--
Herb Martin, MCSE, MVP
Accelerated MCSE
http://www.LearnQuick.Com
[phone number on web site]
A share is technically an auditable object, but there
are no built-in tools for setting this on shares -- so
you might do better with auditing on the files and
directories (NTFS objects) on the share.
You can take a look a SetACL.exe (free) from
SourceForge.net -- IIRC, SetACL can set share
auditing. (But source is available so someone
could modify it if not.)
You will be able to distinguish which admin, if
your admins use their own accounts and you set
up auditing on the objects of interest.
--
Herb Martin, MCSE, MVP
Accelerated MCSE
http://www.LearnQuick.Com
[phone number on web site]
rembrandt said:can you determine which adminstrator accessed it or
if any administrator accessed it at all?
TIA
Herb Martin said:Rembrandt said:Is there a way to determine who has accessed the
shared drive ( C$ )on any given network machine?
Only Administrators have access to the C$ (etc.)
shares.
--
Herb Martin, MCSE, MVP
Accelerated MCSE
http://www.LearnQuick.Com
[phone number on web site]