Greetings!!
We are using Windows NT 4.0 and currently have 7 servers, a PDC, 2 BDCs
and the rest are member servers. We have a problem regarding security auditing.
We can only audit users who are accessing files from the PDC and BDC.
How come we couldnt audit users who are connecting to all members
servers??? There were already an incident before, two or more users
have accidentally deleted files from our member server which we couldnt
trace because the security log in the event viewer, where those two users
are connecting was empty or editing is not turned on while infact it already has.
DHCP is installed in the PDC. All servers have static IP. Auditing is already turned.
We are seeking for help and hoping that you could provide us a good solution for these matters.
RANDY(RED) SILVA