Solved

how to trace which user/machine that deleted files in a common network share

Posted on 2011-03-17
5
698 Views
Last Modified: 2012-05-11
Hello,

I have a file server running on windows 2003 server. I setup a common share for recreation for users to push-pull (all users authenticate to the share as one single user). Now someone deleted a folder that is commonly used and this caused a commotion. How do I trace which user/machine did it? Thank you.

dimitri
0
Comment
Question by:uridimitri
  • 2
  • 2
5 Comments
 
LVL 37

Expert Comment

by:Neil Russell
ID: 35154924
You need to enable and use Auditing.

See this other thread here.  http://www.experts-exchange.com/Networking/Network_Management/Auditing_Software/Q_22631265.html
0
 
LVL 2

Accepted Solution

by:
prerakg earned 500 total points
ID: 35155137
In case of multiple users using the shared resources as a single user on network its very difficult to trace who actually did it.

I faced similar issue and the only way i did it by guessing the time of event when last the folder was modified who actually was working that time can be checked with event messages of windows
0
 
LVL 37

Expert Comment

by:Neil Russell
ID: 35155161
Multiple users as a single user? You allow generic logins on an AD Network?
0
 

Author Comment

by:uridimitri
ID: 35155373
Yes multiple users as a single user. I gave the same username & password to everyone who needs to access this shared folder. Well if it is difficult to trace then I'll just have to accept it. Thank you all.
0
 

Author Closing Comment

by:uridimitri
ID: 35155603
Thanks for the info
0

Featured Post

What is SQL Server and how does it work?

The purpose of this paper is to provide you background on SQL Server. It’s your self-study guide for learning fundamentals. It includes both the history of SQL and its technical basics. Concepts and definitions will form the solid foundation of your future DBA expertise.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

PRTG Network Monitor lets you monitor your bandwidth usage, so you know who is using up your bandwidth, and what they're using it for.
This article will inform Clients about common and important expectations from the freelancers (Experts) who are looking at your Gig.
Viewers will learn how to connect to a wireless network using the network security key. They will also learn how to access the IP address and DNS server for connections that must be done manually. After setting up a router, find the network security…
This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're looking for how to monitor bandwidth using netflow or packet s…

785 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question