Question : Deleted Files, Who & When, Server 2008, NAS

Hi guys,

We have a network drive that is delegated security permissions through Windows 2008 servers. Let's just say somebody deleted a certain file from the drive (that they had access to), is there a way to track down who deleted the file and when it was deleted?

Answer : Deleted Files, Who & When, Server 2008, NAS

Right click on the folder where the data is stored, click properties, click the Security tab, then advanced, then the auditing tab. Click Edit, then Add. Enter Everyone and hit enter. A box will come up asking for what type of auditing you want to do. Scroll down to "Delete Subfolders and Files" and "Delete" and check Successful and Failed on each. Hit okay all the way back out. Entries will show up in the Security log on the Server or Computer that holds that folder. Let me look up the security codes on those so I can give you a way to filter for it.

Random Solutions

Zend sitemap.xml rendering inside <html>tags - how do I escape or context switch?

Count in a Query

https error for my website

Using one keyboard and mouse with two computers at the same time

Window Server 2003

What's a good backup? Using Backup Exec 11d, 12.5, and 2010 (different sites)

Building a Social Network Business Plan (book recommendation / article)

Lenovo R52 dead, won't power on

Module to load Webpage in Access Macro?