L
Lars
Hi there,
I've got a strange behaviour on a 2003 member data server :
For unknown reasons, the crashonauditfail key auto-activates, wich
prevent users to access network shares on this server, except in admin
rights.
I checked the security event log, and it's not full. What I don't
understand is : even if the security log gets full, it's not set to
block sessions, BUT to overwrite events.
I set this value to block, but this doesn't change my crashonauditfail
key to 1.
So what parameter changes it ??? I really thought this key was only in
relation with auditing !
For what else is it useful ?
And back to the first question : What changes automatically this value
to '1' ?
Many thanks.
Lars
I've got a strange behaviour on a 2003 member data server :
For unknown reasons, the crashonauditfail key auto-activates, wich
prevent users to access network shares on this server, except in admin
rights.
I checked the security event log, and it's not full. What I don't
understand is : even if the security log gets full, it's not set to
block sessions, BUT to overwrite events.
I set this value to block, but this doesn't change my crashonauditfail
key to 1.
So what parameter changes it ??? I really thought this key was only in
relation with auditing !
For what else is it useful ?
And back to the first question : What changes automatically this value
to '1' ?
Many thanks.
Lars