3
Is there a way to log all Windows permission errors?
I would like something like:
-> Application "XYZ" tried to read/write/whatever file "Foo" as User "Bar": permission denied
andrecarlucci
Posted 2011-09-11T22:34:55.997
Reputation: 1 095
Is there a way to log all Windows permission errors?
Answers
2
In Windows 7, for general auditing look at "Administrative Tools | Local Security Policy | Security Settings | Local Policies | Audit Policy" .. or just run secpol.msc.
For auditing for files/folders look at "file/folder | Properties | Security | Advanced | Auditing". By default it will be empty for almost all files except maybe very few system files (auditing can produce noticeable overhead on busy systems). Empty means that no auditing is setup. Click "Edit" and then "Add" to create auditing entry/rule.
LazyOne
Posted 2011-09-11T22:34:55.997
Reputation: 506
1For Windows 7 look at "Administrative Tools | Local Security Policy | Security Settings | Local Policies | Audit Policy" (or just run
secpol.msc). For files/folders also look at "file/folder | Properties | Security | Advanced | Auditing" – LazyOne – 2011-09-12T00:32:48.907@LazyOne: You need to post that as an answer for future visitors. – surfasb – 2011-09-12T00:33:58.223
@LazyOne -> For files/folders, Auditing is empty :( – andrecarlucci – 2011-09-12T01:26:16.247
@andrecarlucci Yes, it's empty -- this means no auditing is setup (that is the default for almost all files except maybe very few system files -- auditing can produce noticeable overhead on very busy systems). Click "Edit" and then "Add" to create auditing entry/rule. – LazyOne – 2011-09-12T01:30:10.717
Thanks a lot @LazyOne. Could you please post your comment as an answer? Cheers. – andrecarlucci – 2011-09-12T01:39:21.560
A word of caution: auditing will slow the OS down. Depending on hardware, it can be quite noticeable. – None – 2011-09-12T01:45:17.790