On 9/06/2004 at 06:44:55, Rick Davidson wrote: > Does anyone here have a suggestion for catching a "trusted" network admin > who is suspected of reading someones email via the flat text mailbox file in > the users folder? They have access to the console terminal services. Is > there someway to covertly record a console or TS session?
If you're only interested in the file accesses, you could try Windows' built-in auditing. Auditing itself gets enabled through Group Policy (Start | Run | gpedit.msc if you're not pushing policy down through the domain), then you can selectively audit file access by certain users by going into the properties of the IMail Users directory, Security | Advanced | Auditing. http://support.microsoft.com/?id=300549 explains the process in a bit more detail for Windows 2000; the steps are similar with other OSes. Cheers, Evan To Unsubscribe: http://www.ipswitch.com/support/mailing-lists.html List Archive: http://www.mail-archive.com/imail_forum%40list.ipswitch.com/ Knowledge Base/FAQ: http://www.ipswitch.com/support/IMail/
