RE: [ActiveDir] Windows 2000 Security Log Rights

[Rich Milburn]

Title: Windows 2000 Security Log Rights

We were supposed to set up auditing this way in the Navy, and as I understood it, you used that setting to allow an auditors group access to the security log and removed admins from the rights to access auditing (so admins couldn’t erase their tracks).  Also auditors were supposed to have full rights to the actual event logs for the same reasons (but not admins).  I’d think you would want to set the NTFS read-only access for that group on the files… but I’ve never actually done this (I said what we were *supposed* to do) J so there might be another way to do it… Rich   From: Burkes, Jeremy [contractor] [mailto:[EMAIL PROTECTED] Sent: Wednesday, January 07, 2004 11:14 AM To: [EMAIL PROTECTED] Subject: [ActiveDir] Windows 2000 Security Log Rights   Okay everyone probably a stupid question but here it goes.  We have a user who has some rights to domain controllers but not full administrative rights.  We want this user to be able to view only the security log.  Is there a way to provide just view only rights to the security log.  I am assuming this is not possible since it would be in the same section where you find managing auditing and security log in group policy under computer configuration\windows settings\security settings\local policies\user right assignments.  But I just wanted to check to see if you guys knew anything different.  TIA. Jeremy -------APPLEBEE'S INTERNATIONAL, INC. CONFIDENTIALITY NOTICE------- PRIVILEGED / CONFIDENTIAL INFORMATION may be contained in this message or any attachments. This information is strictly confidential and may be subject to attorney-client privilege. This message is intended only for the use of the named addressee. If you are not the intended recipient of this message, unauthorized forwarding, printing, copying, distribution, or using such information is strictly prohibited and may be unlawful. If you have received this in error, you should kindly notify the sender by reply e-mail and immediately destroy this message. Unauthorized interception of this e-mail is a violation of federal criminal law. Applebee's International, Inc. reserves the right to monitor and review the content of all messages sent to and from this e-mail address. Messages sent to or from this e-mail address may be stored on the Applebee's International, Inc. e-mail system.