Yeah, we're not going to be turning auditing on for this request. We have a region office that is working on a complete redesign of their file structure and permissions, and wanted this info to prune some stale files. I'm not crippling the server for that...
From: [email protected] [mailto:[email protected]] On Behalf Of Michael B. Smith Sent: Thursday, January 23, 2014 9:11 AM To: [email protected] Subject: [NTSysADM] RE: Is this possible with Powershell? Correct. Windows does not store access tokens. File auditing is an option. BE AWARE: the overhead is high. Especially on a busy server. From: [email protected]<mailto:[email protected]> [mailto:[email protected]] On Behalf Of Aakash Shah Sent: Thursday, January 23, 2014 12:06 PM To: [email protected]<mailto:[email protected]> Subject: [NTSysADM] RE: Is this possible with Powershell? I don't believe that Windows stores who accessed a file by default (but someone can correct me if I'm wrong). While I haven't tested this, if you enable file auditing, you could potentially parse the logs to see what files were accessed and then reference them against the directory structure to identify who accessed the files. -Aakash Shah From: [email protected]<mailto:[email protected]> [mailto:[email protected]] On Behalf Of Heaton, Joseph@Wildlife Sent: Thursday, January 23, 2014 8:48 AM To: NT System Admin Issues Discussion list Subject: [NTSysADM] Is this possible with Powershell? I have a request that just came across. Is it possible to have Powershell go through a directory structure, looking at each file, and gather the following: Last accessed date (I think easy) Last person that used/accessed (this is the part I don't know if it is possible) Thanks, Joe Heaton
