Archived from groups: microsoft.public.win2000.security (
More info?)
Thanks for the info. It helped to point me in the right
direction.
>-----Original Message-----
>You can enable auditing of object access in Local
Security Policy [secpol.msc]
>and then audit files and folders. The events that show
in the security log are
>not exactly user friendly but the info should be there.
Examine Event ID's 560
>and 562 as pairs by timestamps. Audit only permissions
needed to keep the number
>of events down which will still be very substantial. The
links below give more
>detail. --- Steve
>
>http://support.microsoft.com/default.aspx?scid=kb;en-
us;301640
>http://www.microsoft.com/technet/security/guidance/secmod
144.mspx
>
>
>"James Mckillop" <anonymous@discussions.microsoft.com>
wrote in message
>news:6dc801c483b3$d73b2a20$a501280a@phx.gbl...
>> Can I set up a log for just one file? I want to know
who
>> opens it, when it is done, and for how long. Can this
be
>> done. I am using windows 2000 server.
>
>
>.