Cool, Yeah Icacls is only for Win2k3 SP2, which is not the majority of my file-server systems. I have a mix of NAS devices on EMC celerra, Win2k, Win2k3, etc etc servers that I need visibility over.
As for AD, I need to see a attribute by attribute change in readable characters ( not SID's and GUIDS that I have to hunt down via ADFIND or some other method, if someone made a change to an account I want to see what it was before and afterwards, and be able to roll it back accordingly, usually these events are auditing under 566, 565 Account Management. Z -----Original Message----- From: Tom Strader [mailto:[EMAIL PROTECTED] Sent: Friday, January 04, 2008 12:31 PM To: NT System Admin Issues Subject: RE: Documentation, Restore and snapshoting of Server permissions software question Security Explorer is pretty good for #1 "Z" . We use it here to backup permissions, NTFS, etc. Does a good job for us. Tom -----Original Message----- From: Ziots, Edward [mailto:[EMAIL PROTECTED] Sent: Friday, January 04, 2008 11:04 AM To: NT System Admin Issues Subject: Documentation, Restore and snapshoting of Server permissions software question To the list, After much angst and nagging, I have been given the go ahead to take a look into software that will do the following. For those with experience in using software to cover these areas and others, please feel free to chime in what has worked well for you and your staffs. I need the software to do the following. 1) Snapshot the NTFS/Share permissions on a server by server basis over time, to assist in recovery if my helpdesk etc etc steps on the permissions and causes issues with the servers. ( I believe Scriptlogic and Security Explorer and a few others in this realm I have seen but not played with personally) 2) Eventlog management tools to track, alert, manage and archive logs to a SQL Database or other remote medium for auditing and compliance. I can see this with both Agent based and non-agent based deployments. ( GFI, SMS, MOM, Configuresoft, Netpro, Quest, etc etc?) I am looking to track the following: AD changes, modifications, down to an attribute level, server permission changes, additions, deletes at the file and folder level, with a nice reporting mechanism accordingly, to get proactive with this) ( Also its an internal audit recommendation) Feel free to chime in on the good/bad/ugly of the situation. Z ~ Upgrade to Next Generation Antispam/Antivirus with Ninja! ~ ~ <http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm> ~ ~ Upgrade to Next Generation Antispam/Antivirus with Ninja! ~ ~ <http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm> ~ ~ Upgrade to Next Generation Antispam/Antivirus with Ninja! ~ ~ <http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm> ~
