Avatar of leadtheway
leadtheway
Flag for United States of America asked on

Find source of file copy from

Have a 2008 R2 server that we are trying to move away from, however there seems to be some obscure process or script either coming from that server or some other server that is writing to a share on this server.  Its same time every day. Can't find any task or script on that machine that is doing it so I'm wondering if this is coming from another server. Is there something that can tell me or something i can leave running and log it?
Windows Server 2008Network AnalysisActive Directory

Avatar of undefined
Last Comment
Qlemo

8/22/2022 - Mon
ASKER CERTIFIED SOLUTION
Adam Brown

Log in or sign up to see answer
Become an EE member today7-DAY FREE TRIAL
Members can start a 7-Day Free trial then enjoy unlimited access to the platform
Sign up - Free for 7 days
or
Learn why we charge membership fees
We get it - no one likes a content blocker. Take one extra minute and find out why we block content.
Not exactly the question you had in mind?
Sign up for an EE membership and get your own personalized solution. With an EE membership, you can ask unlimited troubleshooting, research, or opinion questions.
ask a question
Brian B

If that doesn't work, send out a notice that shares are being disabled, change the folder permissions after a specified amount of time and see who complains. :-)

Adam Brown

If that doesn't work, send out a notice that shares are being disabled, change the folder permissions after a specified amount of time and see who complains. :-)

Scorched Earth Change Management. Easy, fast, with the added benefit that it ticks off the users. 

leadtheway

ASKER
Don’t think that would work as I think it’s a script or application somewhere doing it
Experts Exchange is like having an extremely knowledgeable team sitting and waiting for your call. Couldn't do my job half as well as I do without it!
James Murphy
Qlemo

Is the server still in use as fle server for other  tasks? If yes, it will get difficult, if no all you need to do is log network access (e.g. by runnng net session and net file around the file creation time).