G
Guest
All,
Security at my site is VERY strict. I have a new requirement to be able to
audit (Full Control) success and failure on the root of each workstations
hard drive. I am trying to do this via GPO. I am using this configuration:
Computer Configurations | Windows Settings | Security Settings | File System.
I put the variable %systemroot% in for the local hard drive. This part works
ok. Once i have the %systemroot% variable i can then set NTFS and AUDITING
permissions on that folder.
This is my problem. I do not want to replace the ACL on NTFS permissions on
workstations across my domain. We have several workstations that are
specially configured with NTFS permissions on the local hard drive to meet
other security needs. I do however, want to replace the auditing permission
to audit EVERYONE for FULL CONTROL on SUCCESS and FAILURE of anything.
So, How do I replace the auditing permissions using this methoad but not
replace the NTFS permissions on the %systemdrive% at the same time?
Security at my site is VERY strict. I have a new requirement to be able to
audit (Full Control) success and failure on the root of each workstations
hard drive. I am trying to do this via GPO. I am using this configuration:
Computer Configurations | Windows Settings | Security Settings | File System.
I put the variable %systemroot% in for the local hard drive. This part works
ok. Once i have the %systemroot% variable i can then set NTFS and AUDITING
permissions on that folder.
This is my problem. I do not want to replace the ACL on NTFS permissions on
workstations across my domain. We have several workstations that are
specially configured with NTFS permissions on the local hard drive to meet
other security needs. I do however, want to replace the auditing permission
to audit EVERYONE for FULL CONTROL on SUCCESS and FAILURE of anything.
So, How do I replace the auditing permissions using this methoad but not
replace the NTFS permissions on the %systemdrive% at the same time?