Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

Event 4670: Files/Folder Audit Permission Reporting

Posted on 2012-04-11
2
Medium Priority
?
1,269 Views
Last Modified: 2012-08-21
Hi,

We have a file server with more than 1000 folders and we want to generate a report from the event ID 4670:

Who changed the permission
Who changed the ownership
To Whom was the permission was given
To Whom was the ownership was given
Who took ownership
What permission was change
Compare the new and old permission

Is there a script  that can handle this? I've seen a 3rd party application named SecReport anyone knows a free application as an alternative which can provide a human-readable reports that allow for easy identification of users and groups that have various levels of access to file/folders.
0
Comment
Question by:jayrbarrios
2 Comments
 
LVL 17

Accepted Solution

by:
Anuroopsundd earned 1500 total points
ID: 37836139
0
 
LVL 1

Author Comment

by:jayrbarrios
ID: 37836271
Thanks for the info, I tried the tool but it only gives me a general report, when I changed the permission from Read/Execute to Modify it will just give me this info:

[4/12/2012 2:44:03 PM] CHANGED->\\WS08MDT01\Share\Department 3

I'm looking for something that can analyze the logs even after the event has taken placed.
0

Featured Post

Free Tool: Site Down Detector

Helpful to verify reports of your own downtime, or to double check a downed website you are trying to access.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Ransomware, the malware that locks down its victim’s files until they pay up, has always been a frustrating issue to deal with. However, a recent mobile ransomware will make the issue a little more personal… by sharing the victim’s mobile browsing h…
Let's take a look into the basics of ransomware—how it spreads, how it can hurt us, and why a disaster recovery plan is important.
Sometimes it takes a new vantage point, apart from our everyday security practices, to truly see our Active Directory (AD) vulnerabilities. We get used to implementing the same techniques and checking the same areas for a breach. This pattern can re…
When cloud platforms entered the scene, users and companies jumped on board to take advantage of the many benefits, like the ability to work and connect with company information from various locations. What many didn't foresee was the increased risk…

772 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question