|
Posted by Rodo on October 24, 2006, 11:55 am
Please log in for more thread options
Are system administrator commands traceable back to an individual user ID?
|
|
Posted by Roger Abell [MVP] on October 24, 2006, 12:49 pm
Please log in for more thread options
Except in so far as "actions" can be in components that can
have individual premissions, what you ask for is not how
securing and auditing in Windows is architected.
For the most part, objects are secured/audited with Dacl/Sacl,
and these may be the actor and the acted-upon. You are asking
to audit the action, which is not a general capability in Windows,
although some actions are auditable (login, logoff, privilege use,
etc.)
So, other than the specific actions that provide auditability,
you would need to devise auditing directions on the objects
the adim account might be acting upon.
Roger
> Are system administrator commands traceable back to an individual user ID?
>
>
|
|
Posted by MPerrault on October 24, 2006, 12:57 pm
Please log in for more thread options You can turn on auditing. Take a look at Active Administrator from
ScriptLogic. It tracks all changes made in AD and allows you to
isolate out who did what and where.
Michael P. Perrault
MCSE, CCNA, A+, MBA
Senior Systems Engineer,
ScriptLogic Corporation
Michael.Perrault@scriptlogic.com
www.scriptlogic.com
> Are system administrator commands traceable back to an individual user ID?
|
|
Posted by Roger Abell [MVP] on October 25, 2006, 1:08 am
Please log in for more thread options So you want to have a trace of the commands, or of the
effects resulting from the commands ?
> Are system administrator commands traceable back to an individual user ID?
>
>
|
|
Posted by Rodo on October 25, 2006, 9:22 am
Please log in for more thread options A trace of commands. From what you said in your previous post, I assume
results of command would show through auditing objects.
> So you want to have a trace of the commands, or of the
> effects resulting from the commands ?
>
>> Are system administrator commands traceable back to an individual user
>> ID?
>>
>>
>
>
|
| Similar Threads | Posted | | Tracking changes in ISS | May 9, 2007, 4:13 pm |
| tracking urls | April 9, 2006, 9:31 pm |
| Print tracking | October 22, 2007, 8:15 pm |
| Folder movement tracking | December 14, 2005, 8:47 am |
| Tracking user account activity. | March 30, 2006, 12:27 pm |
| user logon time tracking | November 3, 2006, 1:08 am |
| Admin Vs. Admin + Passphrase | November 22, 2005, 1:06 am |
| admin | June 29, 2006, 12:56 am |
| Admin Password | March 9, 2006, 6:15 pm |
| Admin rights | September 5, 2006, 11:27 am |
|
XML Sitemap