outs.
Cheers!
John Reijnders
MCSE Windows Server 2003
-Original Message-
From: Joe
To: [EMAIL PROTECTED]
Sent: 25-9-2003 3:36
Subject: RE: [ActiveDir] Security Logs
The only way to give out the ability to non-admins to read the security
log
in Windows NT or Windows 2000 is to grant
I think I'd create a web page which uses WMI to query the logs and
displays (say) the last half hour's data or asks for a username and then
shows the data relevant to that user - a quick google gives
http://www.eggheadcafe.com/articles/20010614a.asp which looks like a
good starting point.
Steve
-
The only way to give out the ability to non-admins to read the security log
in Windows NT or Windows 2000 is to grant the "Manage auditing and security
logs" security user right. You DO NOT want to do this as it gives the user
the ability to both clear the security log as well as write security eve
James-
I think that the riskiest thing that someone can get out of the security
logs is information on all of the user accounts and groups within your
domain. Since there isn't a way to block this information if they have
access to the live logs, it may not be something the other companies
would lo