Yes, the owner in the advanced security properties show someone different
entirely. However, this isn't the main issue I'm trying to resolve. I am
trying to figure out why all files in this one folder became password
protected with no known user intervention. I can get around the password
protection, but the user's want an answer as to why this happened and I would
rather it not to happen again. I have auditing enabled on this directory,
but for example one file says it was last saved/modified at 1:34 a.m., but
in the security log on the server there is no such action.
"DaveMills" wrote:
> The Author field is often the person that created the original document which is
> then copied by others and edited. Not too many use the "template" facility. You
> cannot rely on Author. Look at the NTFS "Owner" security property of the file to
> see who created the document. I know this is not 100% either but it is far
> better than Author as when the file is copied the owner changes but the author
> does not.
>
>
> On Wed, 16 Jul 2008 11:58:01 -0700, Curtis Rich
> <> wrote:
>
> >Hello,
> >
> >We have two servers with 03 R2 and each are running DFSR replication, and
> >there seems to be a folder with around 12 files in it, that mysteriously
> >password protected themselves without any user intervention. I was thinking
> >a macro virus or something, but cannot find anything. Also, the user that is
> >assigned "author" in the file properties has not been with the company for
> >over a year and this user's account is not in AD at all. Any experience with
> >this issue or any suggestions on what to look for/try would definitely be
> >appreciated.
> --
> Dave Mills
> There are 10 type of people, those that understand binary and those that don't.
>
|
Similar Threads
Linear Mode
