Solved

Auditing %SystemRoot%\system32 or c:\windows\system32 Files

Posted on 2009-07-06
3
738 Views
Last Modified: 2012-05-07
I have two questions for this subject:

1.  What is the difference between the SystemRoot location and the "windows" location?

2.  If I need to set auditing for specific files within the \system32 directory, does it matter if I set it through SystemRoot or in the \system32 directory?
0
Comment
Question by:myoutback
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
3 Comments
 
LVL 10

Accepted Solution

by:
PlusIT earned 125 total points
ID: 24784982
1.  the difference is that the SystemRoot is a variable poointing to your windows installation.  Not everyone installs c:\windows by using for example %systemroot%\system32 you are sure you can browse to the system32 folder even if your windows is not installed in C.
Try this by opening a cmd shell and echo the variable with the command: echo %SYSTEMROOT%

2.  try to use variables as much as you can.
0
 

Author Comment

by:myoutback
ID: 24793821
Thanks for the explanation.

If I wanted to set auditing to %SystemRoot%\system32\activeds.dll from the cmd shell, what would it look like?
0
 
LVL 10

Assisted Solution

by:PlusIT
PlusIT earned 125 total points
ID: 24801766
i'm not sure tbh never done it myself this maybe can help you:
http://technet.microsoft.com/en-ca/magazine/2008.08.scom.aspx
0

Featured Post

Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Many of us in IT utilize a combination of roaming profiles and folder redirection to ensure user information carries over from one workstation to another; in my environment, it was to enable virtualization without needing a separate desktop for each…
Recently, I read that Microsoft has analysed statistics for their security intelligence report. It revealed: still, the clear majority of windows users do their daily work as administrator. An administrative account is a burden, security-wise. My ar…
Two types of users will appreciate AOMEI Backupper Pro: 1 - Those with PCIe drives (and haven't found cloning software that works on them). 2 - Those who want a fast clone of their boot drive (no re-boots needed) and it can clone your drive wh…
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …

751 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question