Thanks to everyone for your input. It is GREATLY appreciated. I was finally able to figure it out. In IIS, the anonoymus logon was using a User account and not an Admin account. I changed it and it worked, thank the Lord! I'm off to bed before i drop. Goodnight all and THANK YOU again!
----- Original Message ----- From: "John T (Lists)" <[EMAIL PROTECTED]> To: <declude.junkmail@declude.com> Sent: Friday, November 03, 2006 1:36 AM Subject: RE: [Declude.JunkMail] Can someone help? > To turn on auditing (which I never understand, why it's not turned on by > default in Windows) - MS gives you quite a run-around: First, in the NT 4.0 days, auditing could easily use up resources and create a huge security log file depending upon the configuration of the security log file. Second, auditing can produce a lot of data, even if configured very narrowly, that one then has to wade through. > - Windows Explorer - go to the root directories of each disk, properties, > security, Advanced, Auditing, add the "Everyone" user and mark the "failed" > checkmarks for the complete list of accesses (I personally also audit > successful change permissions and take ownership). Apply this and let it > propagate to all subfolders. > > - Local Security Policy - to to "Local Policies", "Audit Policies" and turn > on all failures. (I personally also audit successful account management and > audit policy changes). Actually, what I do for my servers and for client, is in the Default domain policy (local security policy if no domain,) enable those auditing policies that are appropriate (not all are needed for normal business) AND enable both success and failure on object access. NOTE that auditing of object access is the ONLY auditing that requires 2 steps. All other auditing takes affect without further intervention. Then, only when needed, (or if by company policy they want to track changes to files in a particular folder such as say payroll data sheets) I go to the folders properties that I want to audit and enable auditing again for what is needed only. Once I am done auditing, I disable on that directory. John T eServices For You "Life is a succession of lessons which must be lived to be understood." Ralph Waldo Emerson (1802-1882) --- This E-mail came from the Declude.JunkMail mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type "unsubscribe Declude.JunkMail". The archives can be found at http://www.mail-archive.com. --- This E-mail came from the Declude.JunkMail mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type "unsubscribe Declude.JunkMail". The archives can be found at http://www.mail-archive.com.
