Who dun it?

[dsmbucky]

We have had a couple of instances where the full container is being given all rights to a certain folder.
This is a departmental folder and only a few people should even be able to see it but all of a sudden everyone can see it.

We do not have any auditing on.

What is the best way to find out WHO changed the rights to mistakenly give everyone full access?

Also is there a way to actively monitor if the whole container gets rights anywhere - so we can find these things out BEFORE some disgruntled user has to tell us?


Any thoughts would be great!!

 

[Seaspray0]

enable auditing in group policy for the pc/server that holds this folder. Goto the folder and in the advanced security settings, enable auditing on the folder. Verbally tell everyone who has access to change the permissions that you are monitoring the folder and if anyone changes them, you will know who did it (but not how you will know). Chances are that the permissions do not change again.


A+/MCP/MCSE/MCDBA