That's where something like MACS comes in (MS Audit
Collector Service) - should be available shortly after SP1 for 2003 (but will
also collect security logs from 2000 machines). You auditor will then be
able to access all collected security event logs from a central database (makes
analysis much easier as well). And you don't need to grant them any special
rights either.
/Guido
From: Burkes, Jeremy [contractor] [mailto:[EMAIL PROTECTED]
Sent: Mittwoch, 7. Januar 2004 18:14
To: [EMAIL PROTECTED]
Subject: [ActiveDir] Windows 2000 Security Log Rights
Okay everyone probably a stupid question but here it goes. We have a user who has some rights to domain controllers but not full administrative rights. We want this user to be able to view only the security log. Is there a way to provide just view only rights to the security log. I am assuming this is not possible since it would be in the same section where you find managing auditing and security log in group policy under computer configuration\windows settings\security settings\local policies\user right assignments. But I just wanted to check to see if you guys knew anything different. TIA.
Jeremy
