Does anyone know how to make Windows 2003 identify a specific user each time that person accesses a share on a file server? The Audit Policy is set so that "Audit account logon event" and "Audit account management" and "Audit logon events" are all set to record Success and Failure. We also have "Audit object access" set to record failure. But when I view the Security log, I get very few actual user names and a ton of ANONYMOUS LOGON entries. For everyday business, we don't need to record each file/folder access, just when a user connects/disconnects to a share. The ANONYMOUS LOGON entries don't record a username. This is on a domain member server, so each user is authenticating to the DC, not to the local SAM.
September 26, 2008 6:42 PM
September 26, 2008 8:16 PM