You can audit pretty much anything that happens but it's not going to be
pretty, easy; and no, there's no "standard" to auditing events. Start by
searching both TechNet and MSDN at microsoft.com for "auditing" and "event
viewer" and you'll find dozens of white papers, reference articles, etc.
--
Richard G. Harper [MVP Shell/User]
(E-Mail Removed)
* NEW! Catch my blog ...
http://msmvps.com/blogs/rgharper/
* PLEASE post all messages and replies in the newsgroups
* The Website -
http://rgharper.mvps.org/
* HELP us help YOU ...
http://www.dts-l.org/goodpost.htm
"nick" <(E-Mail Removed)> wrote in message
news:(E-Mail Removed)...
> On Aug 16, 4:48 pm, "Richard G. Harper" <rghar...@email.com> wrote:
>> Unless you already had auditing in place at the time of the changes,
>> there's
>> no way to go back later and discover who did what.
>>
>> --
>> Richard G. Harper [MVP Shell/User] rghar...@gmail.com
>> * NEW! Catch my blog ...http://msmvps.com/blogs/rgharper/
>> * PLEASE post all messages and replies in the newsgroups
>> * The Website -http://rgharper.mvps.org/
>> * HELP us help YOU ...http://www.dts-l.org/goodpost.htm
>>
>> "nick" <cipher7...@gmail.com> wrote in message
>>
>> news:(E-Mail Removed)...
>>
>>
>>
>> > We have a file on our server which was modified. Upon checking
>> > permissions it was found that only the IT group had access to this
>> > file. However, extra members were added to the IT group which did not
>> > belong there. Is it possible to find out when those members were
>> > added, and who added them? We had some junior admins. here and I'd
>> > liked to find out which one made the change.- Hide quoted text -
>>
>> - Show quoted text -
>
> Is there a standard way to put auditing in place? Let's say I wanted
> to definitely track this information because some admin. gave
> permissions, and is blaming the other admin. What's the best way to
> keep track of this stuff?
>
Similar Threads
