The information in this article applies to:
SYMPTOMSAdministrators cannot audit file system object attribute reads exclusive of file system object attribute writes. CAUSEAs part of its initialization, the Access Control List (ACL) Editor tool attempts to open files with both write and read access. This occurs so the ACL Editor tool can disable those graphical user interface (GUI) elements the user does not have rights to modify. The result of this behavior is that a read and write audit is recorded for simple read events. STATUSMicrosoft has confirmed this to be a problem in Microsoft Windows 2000. MORE INFORMATIONAn administrator cannot enable auditing to generate log entries only when someone attempts to change a file system object's security attributes. Every read access of a file system object attribute generates the WRITE_DAC event in the System Event log, regardless of the granularity specified. Additional query words:
Keywords : |
|
Last Reviewed: December 29, 1999 © 2000 Microsoft Corporation. All rights reserved. Terms of Use. |