I have had to set up auditing on some of our folders to keep track of failed access attempts
I configured the auditng domain policy and set the auditing options on the required folders, I set it to generate a failure report when the user tries to write or delete files and it fails
however, I am getting lots of event id 560 (Failure Audit) even when the user has full control over the files/folder they are using
It seems to be when using office files, however there isn't much else they would access of other file types so that may be a red herring
Anybody else had similar problems?
I configured the auditng domain policy and set the auditing options on the required folders, I set it to generate a failure report when the user tries to write or delete files and it fails
however, I am getting lots of event id 560 (Failure Audit) even when the user has full control over the files/folder they are using
It seems to be when using office files, however there isn't much else they would access of other file types so that may be a red herring
Anybody else had similar problems?