Main Page 
PC Review
Forums
Newsgroups
Windows 2000
Microsoft Windows 2000 Group Policy
Follow-up to: Windows 2000 Professional local auditing policies and Sysprep
Forums
Newsgroups
Windows 2000
Microsoft Windows 2000 Group Policy
Follow-up to: Windows 2000 Professional local auditing policies and Sysprep
 |
Follow-up to: Windows 2000 Professional local auditing policies and Sysprep |
|
|
Thread Tools | Rate Thread |
19-03-2004, 03:57 PM
|
#1 |
|
Guest
Posts: n/a
|
Follow-up to: Windows 2000 Professional local auditing policies and Sysprep
Ok, yes, it's true..the best way to set auditing policies to all of the
workstations in this Windows 2003 domain with Windows 2000 Clients that we're reproducing was to use Windows Server 2003's Group Policy Editor. However, there's still one major step that I'm having issue with. Once the policy is set, We still need to configure auditing on each workstation to record all successes and failures of access in the security logs...special circumstance requirement. At this point that means going into the properties of each drive letter and setting auditing for the user 'everyone' and selecting each and every success and failure....then applying the new setting to include all folders and files from the root on out. This can take a good bit of time on each drive! Not to mention that you would have to keep your eye on them, as certain files can't be changed, such as swap files, etc...so you have to tell it to skip/continue. Is there a better way? If set on the master, would this setting survive a sysprep, or would sysprep reset this? Thank you in advance, once again! __________________________________________________________________ Tom Kemp MCSE/CNA/A+ ICQ#: 157741210 Current ICQ status: + More ways to contact me __________________________________________________________________ |
|
|
19-03-2004, 05:15 PM
|
#2 |
|
Guest
Posts: n/a
|
Re: Follow-up to: Windows 2000 Professional local auditing policies and Sysprep
Sure!
Use the File Permissions in the GPO where you are setting up the auditing. It is directly below the Local Policies node. You can set up auditing on any folder that exists on the computer. Just make sure the folder does exist, or you will get strange results for GPO application. -- Derek Melber BrainCore.Net derekm@braincore.net "Tom Kemp" <tntkemp@hotmail.com> wrote in message news:e0giHGcDEHA.1128@TK2MSFTNGP11.phx.gbl... > Ok, yes, it's true..the best way to set auditing policies to all of the > workstations in this Windows 2003 domain with Windows 2000 Clients that > we're reproducing was to use Windows Server 2003's Group Policy Editor. > > However, there's still one major step that I'm having issue with. Once the > policy is set, We still need to configure auditing on each workstation to > record all successes and failures of access in the security logs...special > circumstance requirement. At this point that means going into the > properties of each drive letter and setting auditing for the user 'everyone' > and selecting each and every success and failure....then applying the new > setting to include all folders and files from the root on out. > > This can take a good bit of time on each drive! Not to mention that you > would have to keep your eye on them, as certain files can't be changed, such > as swap files, etc...so you have to tell it to skip/continue. > > Is there a better way? If set on the master, would this setting survive a > sysprep, or would sysprep reset this? > > Thank you in advance, once again! > > > __________________________________________________________________ Tom Kemp > MCSE/CNA/A+ ICQ#: 157741210 Current ICQ status: + More ways to contact me > __________________________________________________________________ > > |
|
|
|
|
| Thread Tools | |
| Rate This Thread | |
|
|
