NT Auditing question - TechRepublic
General discussion
March 22, 2001 at 12:19 PM
bwatson

NT Auditing question

by bwatson . Updated 25 years, 3 months ago

I am auditing success and failures on several private user folders on my network. Recently I have been getting failure audit messages on these private folders with one users name on all of them. My problem is that the user denies the access attempts. My question is: Is there a way to identify the MACHINE, rather than the user that attempted the access to these folders. Is there a MAC address somewhere in the failure auditing that I can’t find? Is there something else I can turn on? Any help would be greatly appreciated.

This discussion is locked

All Comments