- In Administrative Tools\Local Security Policy\Local Policy\Audit Policy turn on Audit Object Access for success and failure.
- Then, using Windows Explorer, access the audit properties of the files and/or folders to audit and turn on auditing for the user or group you wish to track. If you select the Authenticated Users group, this will provide audit records in the Security Log for the individual user who has modified, or otherwise accessed the file.
Yes, Unix systems do things differently. But in most systems, including Win2k the "owner" of the file is not necessarily the original creator of the file. Auditing will provide you with that information. But in Windows 2000, auditing must be turned on in order to record it.
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.