T h e _ c o n t e n t _ s e c u r i t y _ c o m p a n y

LogACL Frequently Asked Questions

 

What means ACL ?
ACL is Access Control List. ACLs take place in the NTFS Microsoft file system. They are specified either file by file or by directory. ACLs are lists of Windows groups or user accounts that have a certain access to the file or directory. The number of file or directory objects make their management quite difficult. It's where LogACL can help.

When running LogACL in order to insert or update queries, no changes are applied to the ACLs

  • Verify you unchecked the "Scan Only" checkbox. (checked by default).
  • Track possible errors into LogACL log file from menu "Options", then "Display log".
  • Verify you are logged as an administrator on the domain OR you have correct privileges on the distant machine you try to manage if you are in a workgroup (no domain)
  • If files/dirs are located on a machine belonging to another domain, verify that the account you use to log on to this machine has the appropriate privileges.
  • Try to open a network admin drive on that machine. (\\machineName\c$ for example)

How can I remotely be correctly authenticated on distant machines drives thru the network?

  • When you setup your exploration scope, authenticate yourself as an administrator by mapping drives:
    - Dynamically (non persistent) thru LogACL browsing buttons,
    - Statically with Windows explorer or command line "NET USE".
  • Use administrative shares (c$...) and machines local groups do include Domain Admins privileged group.

Access to directories is denied when trying to build my scope.

LogACL will not drop Windows security. You will need a third-party scheduler to run LogACL or the standard windows utility "cacls.exe" impersonated by the "system" account (With the standard Windows scheduler, using "System" as UserName), then, open access permissions to Domain Admins group on every object you plan to manage with LogACL.
Example :

cacls.exe \\machine\C$ /T /C /E /G "MYDOMAIN\Domain Admins ":F

will add full access permissions in all ACLs in drive C: of a machine. For further details, please refer to Windows documentation
 
© 2007 NextLOG Software LLC ________ | Home | Products | Download | Order | Support | Company | __________Terms & conditions