ShowACLs from the Resource kit... hth At 08:57 AM 4/8/2002 -0400, you wrote: >The concern is that the former admin modified permissions to allow his user >account access to files that normally only an administrator would have >access to. I was hoping that there might be an application that can look at >the files on a server and give me a permissions review/report so I can look >for any irregularities. I'm not looking to track or change any passwords. > >-----Original Message----- >From: Andrew Baker [mailto:[EMAIL PROTECTED]] >Sent: Friday, April 05, 2002 3:50 PM >To: MSWinNT Discussions >Subject: RE: Server/file utilities > >You aren't likely to find a single tool that handles both functions. > >You can track passwords: > >http://www.ultratech-llc.com/KB/?File=Passwords.TXT > >I'm not aware of any tools to handle auditing of attribute changes outside >of the generic Auditing. > >-----Original Message----- > >Servers: NT4 sp6a, strict NT4 domain > >Have two situations which might be handled by the same utility. I am >looking for some software that might help me out. > >1) Have the rare situation where an administrators account has been taken >away from them but they haven't left. Management is naturally concerned >that said admin might have given his user account file by file access on >some servers. Any software suggestions on what I can use to examine servers >for traces of his user account? > >2) Have a server (NT4 sp6a) which admins have reported to me has had large >blocks of files become read-only. I've been told this has happened a >"couple of times" over "the past couple of weeks". I know I could kick up >the auditing another notch on this server but I'm sure there has to be >something out there that would let me monitor security/attribute changes a >little more, um, elegantly. Suggestions anyone? > >------ >You are subscribed as [EMAIL PROTECTED] >Archives: http://www.swynk.com/sitesearch/search.asp >To unsubscribe send a blank email to %%email.unsub%%
------ You are subscribed as [email protected] Archives: http://www.swynk.com/sitesearch/search.asp To unsubscribe send a blank email to [EMAIL PROTECTED]
