On 26 Sep 2005, at 5:02 pm, "MisterX" <[EMAIL PROTECTED]> wrote:
yes and no. This is recorded in the windows audit events though
so yes. but only if you are using auditing of files in the GPOs
(AD) or the user priviledges in NT4 domain. So only if implemented
that way.
Xavier,
Yoinks! Out of my depth already! Still, thanks for your information,
it is a start.
Test first. is it a client requirement?
It can also change depending on upgrades.
I've seen it happen.
Unfortunately, I am looking at forensic use which will point towards
files that the user has 'used' ie accessed or modified. They may well
want to avoid leaving a trail, and may access files in all sorts of
ways, using different software. I was hoping that the detailed files
would be a one line solution, but it looks like it will be a good first
strategy.
Thanks again,
Best Wishes,
David Glasgow
http://www.i-psych.co.uk
_______________________________________________
use-revolution mailing list
[email protected]
Please visit this url to subscribe, unsubscribe and manage your subscription
preferences:
http://lists.runrev.com/mailman/listinfo/use-revolution
