Clarity, Technology, and Solving Problems | PracticeThis.com
WP7 App with Key Windows Azure resources – Slides, Videos, How-To’s, and T-shooting – for quick consumption on the go.
In my post File Access Auditing - I Am Not Afraid Of GPO I've digested technet documentation on how to set Active Directory Group Policy Object (AD GP) to enable file access auditing as security measure to prevent repudiation. It is heavy weight techniques for scenarios where developer just needs to understand why she gets "Access denied" during development or while deploying in test environment - "Strange, it all worked on my machine...." :)
For that purpose I use two light weight tools from Sysinternals, the whole portal of Sysinternal's tools is here Windows Sysinternals loaded with free goodies.
First tool is file monitor (filemon) - it monitors file access activity and when double clicking on some line it shows the user accessed that file:
But when the file is accessed from other machine, filemon does not have this information:
Mark Russinovich kindly explained me why it is not there and suggested using another great tool - process monitor. The tool has details column which includes the data what I was looking for - Impersonating:<<account name>>:
Very cool, very usable, very light weight
Identity story with .Net really rocks, but along with great extensibility it also brings a lots of confusion
If these articles: How To: Implement Kerberos Delegation for Windows 2000 How To: Use Impersonation and
If these articles: How To: Use Protocol Transition and Constrained Delegation in ASP.NET 2.0 Using Protocol
i want be a good software engg.
Akash, be a good sw engineer
patterns & practices team maintains Design for Operations [DFO] project on codeplex . The goal of
A few years ago, I recall needing to know (programmatically) which user has accessed a particular file