----- Original Message -----
Sent: Thursday, January 23, 2003 8:20
PM
Subject: Re: [ActiveDir] Network Drive
Question
In order to determine who deletes a file you have
to enable file and folder access auditing in a policy and then configure the
files and folders that need to be audited. Once those requirements have been
met then you can determine who deleted the file by reviewing the security
log.
There are products that will allow you to recover
deleted files and folders but from my understanding it only works if the space
that the file once occupied on disk has not been written to. Search the
web for undelete and you should find a few apps.
Tim Hines, MCSA, MCSE (2000 & NT4)
MVP - Active Directory
"If you catch a man a fish, he eats for a day. If you teach a man
to fish he eats for a lifetime"
----- Original Message -----
Sent: Thursday, January 23, 2003 8:08
PM
Subject: [ActiveDir] Network Drive
Question
All
I know this is not directly ADSI but you have
to be 2000 savvy
to know ADSI well so here goes.
If a LAN user deletes a network folder , how
can I tell who deleted it?
If a LAN user deletes a network folder is there
any retrieval?
All help is appreciated!
Michael Penland
VIRUS SCANNED!
Marina One
VIRUS SCANNED!
Marina
One
